darkcomet | 18339a71b8848d1891fcbf86b6aa1649f4342f6087078e184f74d44c54380895 | Triage

Sharing

General

Target

2960c74f184736b7c1ff060a492d0849_JaffaCakes118
Size

1000KB
Sample

240706-z3bq9avgng
MD5

2960c74f184736b7c1ff060a492d0849
SHA1

fcea4e5a9516ff344b5947ffd066452062523677
SHA256

18339a71b8848d1891fcbf86b6aa1649f4342f6087078e184f74d44c54380895
SHA512

5a78e465f49d962159e0e42daf3861b8869f477bf323ea9d1ac08b5fe6ac4180dc92d4432dd683b8a2b54e640a5a6d3c80713e40794e80de8907711f93599bb4
SSDEEP

24576:BOA4aWNn/m09fKIaaBEtWq3A1Ov8JgbcSw4qY/:cgEjyITimxu

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

rr6600.no-ip.biz:1604

Mutex

DC_MUTEX-KDTA2ZM

Attributes

gencode
larxvhPugW8i
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  2960c74f184736b7c1ff060a492d0849_JaffaCakes118
- Size
  
  1000KB
- MD5
  
  2960c74f184736b7c1ff060a492d0849
- SHA1
  
  fcea4e5a9516ff344b5947ffd066452062523677
- SHA256
  
  18339a71b8848d1891fcbf86b6aa1649f4342f6087078e184f74d44c54380895
- SHA512
  
  5a78e465f49d962159e0e42daf3861b8869f477bf323ea9d1ac08b5fe6ac4180dc92d4432dd683b8a2b54e640a5a6d3c80713e40794e80de8907711f93599bb4
- SSDEEP
  
  24576:BOA4aWNn/m09fKIaaBEtWq3A1Ov8JgbcSw4qY/:cgEjyITimxu
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan