darkcomet | 8613e438bacff934a161c68323d623a86c67475f8c34148cbadf797c82c8e545 | Triage

Sharing

General

Target

1fdd14606c290bde1767187aeeba552e_JaffaCakes118
Size

660KB
Sample

240702-s4a3sazanb
MD5

1fdd14606c290bde1767187aeeba552e
SHA1

7d82cec430d37c0f555efa709e6799f1ded9dedd
SHA256

8613e438bacff934a161c68323d623a86c67475f8c34148cbadf797c82c8e545
SHA512

94bba5a25d0f5709e82c45a170afb820a0d0fd09c0b18699b445075a67ee54b82c14d71250c88dbad6d3da078f3227686b935c46f04c0844fa77d3d84e728a9b
SSDEEP

12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UW:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jm

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

randomseerver.no-ip.info:1604

Mutex

DC_MUTEX-K55V370

Attributes

gencode
qotPxHRg8URL
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  1fdd14606c290bde1767187aeeba552e_JaffaCakes118
- Size
  
  660KB
- MD5
  
  1fdd14606c290bde1767187aeeba552e
- SHA1
  
  7d82cec430d37c0f555efa709e6799f1ded9dedd
- SHA256
  
  8613e438bacff934a161c68323d623a86c67475f8c34148cbadf797c82c8e545
- SHA512
  
  94bba5a25d0f5709e82c45a170afb820a0d0fd09c0b18699b445075a67ee54b82c14d71250c88dbad6d3da078f3227686b935c46f04c0844fa77d3d84e728a9b
- SSDEEP
  
  12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UW:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jm
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan