darkcomet | abd680e63cda6546f3414f63199ab03a966f4839d41a58fc5bbc3109b5e851a0 | Triage

Sharing

General

Target

9106a8fecb93bcf9b62eea9487ce078f_JaffaCakes118
Size

689KB
Sample

240603-jsn1tsge81
MD5

9106a8fecb93bcf9b62eea9487ce078f
SHA1

0332a86792a2374365dd9263ba00837dfe3d6f01
SHA256

abd680e63cda6546f3414f63199ab03a966f4839d41a58fc5bbc3109b5e851a0
SHA512

ac36747def7b2e6a61a648256e0aea101b10375f90356cef1c85390e107ae36e06c88a13e101c80b29bb941f9ce0d685fd97c0bb1f8802395cf221890c90840c
SSDEEP

12288:S9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyF8N:+iBIGkbxqEcjsWiDxguehC2Sf

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-CMN9WZ6

Attributes

gencode
iVZ9D8psBBFU
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  9106a8fecb93bcf9b62eea9487ce078f_JaffaCakes118
- Size
  
  689KB
- MD5
  
  9106a8fecb93bcf9b62eea9487ce078f
- SHA1
  
  0332a86792a2374365dd9263ba00837dfe3d6f01
- SHA256
  
  abd680e63cda6546f3414f63199ab03a966f4839d41a58fc5bbc3109b5e851a0
- SHA512
  
  ac36747def7b2e6a61a648256e0aea101b10375f90356cef1c85390e107ae36e06c88a13e101c80b29bb941f9ce0d685fd97c0bb1f8802395cf221890c90840c
- SSDEEP
  
  12288:S9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyF8N:+iBIGkbxqEcjsWiDxguehC2Sf
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan