darkcomet | 811d419721f98c111a94b0c60b6b2f2261303201dd910b6df6d65d6c7725d8a4 | Triage

Sharing

General

Target

06b470584406886c089298fceb94ee06_JaffaCakes118
Size

660KB
Sample

240620-rhkveswcjm
MD5

06b470584406886c089298fceb94ee06
SHA1

7ee17df13805733522dad9858e8145319f823fc9
SHA256

811d419721f98c111a94b0c60b6b2f2261303201dd910b6df6d65d6c7725d8a4
SHA512

9489409ae3b4d692e3ade798bc3610148591eb6b861b77adedb774dd2409af8e896db28a9a0bd1bb1bacd4c0ea335b0380058977a64f6d7cc5a37066a86e756f
SSDEEP

12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452U8:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Js

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-PTR6XQ5

Attributes

gencode
YZJlegsyewdt
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  06b470584406886c089298fceb94ee06_JaffaCakes118
- Size
  
  660KB
- MD5
  
  06b470584406886c089298fceb94ee06
- SHA1
  
  7ee17df13805733522dad9858e8145319f823fc9
- SHA256
  
  811d419721f98c111a94b0c60b6b2f2261303201dd910b6df6d65d6c7725d8a4
- SHA512
  
  9489409ae3b4d692e3ade798bc3610148591eb6b861b77adedb774dd2409af8e896db28a9a0bd1bb1bacd4c0ea335b0380058977a64f6d7cc5a37066a86e756f
- SSDEEP
  
  12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452U8:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Js
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan