darkcomet | db4d6d5b15cd42afbbc80382e983a8d3f51293bd5873948029ee48836d0064e0 | Triage

Sharing

General

Target

0fe933c02673da237517709ac544094c_JaffaCakes118
Size

660KB
Sample

240625-3cz8pszemc
MD5

0fe933c02673da237517709ac544094c
SHA1

6691bf1eec798ce360d149ccc1f2640177867fd1
SHA256

db4d6d5b15cd42afbbc80382e983a8d3f51293bd5873948029ee48836d0064e0
SHA512

cbc401b0e6bdc638b1081f808312ba199d7483c1ddbf3f84a4e31e4e970acf6c102376918982f4495dfd95d2b90837c9fdee538be4301908ae0417c8c45146e9
SSDEEP

12288:wXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452U/:WnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JP

Score

10^/10

darkcomet bot rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

BOT

C2

newusername.no-ip.biz:1604

Mutex

DCMIN_MUTEX-JU3S8HZ

Attributes

gencode
xyGY64YKGoUd
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  0fe933c02673da237517709ac544094c_JaffaCakes118
- Size
  
  660KB
- MD5
  
  0fe933c02673da237517709ac544094c
- SHA1
  
  6691bf1eec798ce360d149ccc1f2640177867fd1
- SHA256
  
  db4d6d5b15cd42afbbc80382e983a8d3f51293bd5873948029ee48836d0064e0
- SHA512
  
  cbc401b0e6bdc638b1081f808312ba199d7483c1ddbf3f84a4e31e4e970acf6c102376918982f4495dfd95d2b90837c9fdee538be4301908ae0417c8c45146e9
- SSDEEP
  
  12288:wXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452U/:WnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JP
Score

10^/10

darkcomet bot rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometbotrattrojan

behavioral2

darkcometbotrattrojan