darkcomet | a18fb7a9760fdc6972a10f4293920013d68c490e61c1416241e374dde0be790a | Triage

Sharing

General

Target

a96c6a654c3f122f483d9b3185c44394_JaffaCakes118
Size

658KB
Sample

240614-njr4casdqj
MD5

a96c6a654c3f122f483d9b3185c44394
SHA1

3e11d18c70260c61f985cc5d59868fe21e75906d
SHA256

a18fb7a9760fdc6972a10f4293920013d68c490e61c1416241e374dde0be790a
SHA512

5c3ea0918446537a97bd85aa22e16e9d3c1225f4ab2ba5c414c74df706ef0b325c69f8ec2e3090382c75a91e076b95d50d415d1e642dc1a379ef667e14c1b2ff
SSDEEP

12288:29HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFj:SiBIGkbxqEcjsWiDxguehC2SA

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-0EF1ZAG

Attributes

gencode
VS2XXx4PpZsQ
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  a96c6a654c3f122f483d9b3185c44394_JaffaCakes118
- Size
  
  658KB
- MD5
  
  a96c6a654c3f122f483d9b3185c44394
- SHA1
  
  3e11d18c70260c61f985cc5d59868fe21e75906d
- SHA256
  
  a18fb7a9760fdc6972a10f4293920013d68c490e61c1416241e374dde0be790a
- SHA512
  
  5c3ea0918446537a97bd85aa22e16e9d3c1225f4ab2ba5c414c74df706ef0b325c69f8ec2e3090382c75a91e076b95d50d415d1e642dc1a379ef667e14c1b2ff
- SSDEEP
  
  12288:29HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFj:SiBIGkbxqEcjsWiDxguehC2SA
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan