darkcomet | bf3f6b4a13820b0762bf0606b20a5fc3997b497ef65118c1130a410f67968e61 | Triage

Sharing

General

Target

afe58a6dd97767428a1ad33c14f1a6b0_JaffaCakes118
Size

756KB
Sample

240615-xn9cvs1gnd
MD5

afe58a6dd97767428a1ad33c14f1a6b0
SHA1

c62afd9063294762ed8b4700b94773c223359c65
SHA256

bf3f6b4a13820b0762bf0606b20a5fc3997b497ef65118c1130a410f67968e61
SHA512

ce3f79fadb635463107c7d771e19ecaacc673c97701b1d471eead762ee30df561683ef9a0aab6069738af4e943d9775827b8edb80de1509e66f82dd9af512933
SSDEEP

12288:o9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h3GN:cZ1xuVVjfFoynPaVBUR8f+kN10EBcN

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-AZ1J7TJ

Attributes

gencode
3AcLpWA5iAUs
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  afe58a6dd97767428a1ad33c14f1a6b0_JaffaCakes118
- Size
  
  756KB
- MD5
  
  afe58a6dd97767428a1ad33c14f1a6b0
- SHA1
  
  c62afd9063294762ed8b4700b94773c223359c65
- SHA256
  
  bf3f6b4a13820b0762bf0606b20a5fc3997b497ef65118c1130a410f67968e61
- SHA512
  
  ce3f79fadb635463107c7d771e19ecaacc673c97701b1d471eead762ee30df561683ef9a0aab6069738af4e943d9775827b8edb80de1509e66f82dd9af512933
- SSDEEP
  
  12288:o9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h3GN:cZ1xuVVjfFoynPaVBUR8f+kN10EBcN
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan