darkcomet | 763bd57d8dec6366174644ca1e92f974f895c3c995900068b1b1e013c00c2bec | Triage

Sharing

General

Target

7ca08682ca6d9a60cdb68190196b644e_JaffaCakes118
Size

1.5MB
Sample

240528-mg7kksgf72
MD5

7ca08682ca6d9a60cdb68190196b644e
SHA1

224ef3c5376281b7aed832cfe0a07b3d88e94634
SHA256

763bd57d8dec6366174644ca1e92f974f895c3c995900068b1b1e013c00c2bec
SHA512

43fac1261f7a3008435fb17c1fdc85a45d263907a433c3feec8690e41da2dac316a18e04f4b349b37eee5b7c072f29dd115d786ef41b3380584b682da5aecee1
SSDEEP

24576:GiEYxyUt70b7sTJb0HxP7kOw17mjIpn2KwJfV97:1V00p0RP75o6jUnxcfH7

Score

10^/10

darkcomet hacked rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

hacked

C2

sulumanco.duckdns.org:4000

Mutex

DCMIN_MUTEX-5JGPC4U

Attributes

gencode
PSXl8AA8UgHs
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  7ca08682ca6d9a60cdb68190196b644e_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  7ca08682ca6d9a60cdb68190196b644e
- SHA1
  
  224ef3c5376281b7aed832cfe0a07b3d88e94634
- SHA256
  
  763bd57d8dec6366174644ca1e92f974f895c3c995900068b1b1e013c00c2bec
- SHA512
  
  43fac1261f7a3008435fb17c1fdc85a45d263907a433c3feec8690e41da2dac316a18e04f4b349b37eee5b7c072f29dd115d786ef41b3380584b682da5aecee1
- SSDEEP
  
  24576:GiEYxyUt70b7sTJb0HxP7kOw17mjIpn2KwJfV97:1V00p0RP75o6jUnxcfH7
Score

10^/10

darkcomet hacked rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2
- Target
  
  file.exe
- Size
  
  1.6MB
- MD5
  
  e3603e6b91428087eb12338246595774
- SHA1
  
  81a184ffb1dbd62a7ecf555ab53d820be7bda8af
- SHA256
  
  5c583a1d407073f8db55e5facd87a7cfb476b8ec1df2b04d516320c749be985d
- SHA512
  
  16e3a3db42b93b227f7815d5b6a6e06df43556fb0262f993d9e3126803f4f1ce8af7b982c4c805136208a5a2352ed79c70bf8c412194e6e73ccc0caa11814b10
- SSDEEP
  
  24576:+Cdxte/80jYLT3U1jfsWaDJ04dZLqgEYdCyX609yh4Or0tD6yqueQ:Xw80cTsjkWaDuNO4yXJSDQtm4
Score

10^/10

darkcomet hacked rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

darkcomethackedrattrojan

behavioral2

darkcomethackedrattrojan

behavioral3

darkcomethackedrattrojan

behavioral4

darkcomethackedrattrojan