darkcomet | 7a097c0d98ef1eb154add34a8641bda4d9cec751c722cb1af1fae9aaef71cc78 | Triage

Sharing

General

Target

5c2db70f99be448c7ce5eef4004e3b99_JaffaCakes118
Size

527KB
Sample

240719-qza6waxdjd
MD5

5c2db70f99be448c7ce5eef4004e3b99
SHA1

4fa84d05e3d0764357795ebd5b74a5386a92752f
SHA256

7a097c0d98ef1eb154add34a8641bda4d9cec751c722cb1af1fae9aaef71cc78
SHA512

2f2123020258d28c6b83c32584e26ae505c40fb5b47121c5dd2cc22813b92d84bd7aa7dcc5d9df56fc6928d00e77adc977b1ebe9718968c1f6af7ba1c3d99b7f
SSDEEP

12288:Q9jXIMlSia8JyH8d3zScOC9Y/OiaWVVJL0GGCXNc/5:UjRNauycd3zSA19+Q+u5

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-0SR134T

Attributes

gencode
8QPKGQajuMgz
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  5c2db70f99be448c7ce5eef4004e3b99_JaffaCakes118
- Size
  
  527KB
- MD5
  
  5c2db70f99be448c7ce5eef4004e3b99
- SHA1
  
  4fa84d05e3d0764357795ebd5b74a5386a92752f
- SHA256
  
  7a097c0d98ef1eb154add34a8641bda4d9cec751c722cb1af1fae9aaef71cc78
- SHA512
  
  2f2123020258d28c6b83c32584e26ae505c40fb5b47121c5dd2cc22813b92d84bd7aa7dcc5d9df56fc6928d00e77adc977b1ebe9718968c1f6af7ba1c3d99b7f
- SSDEEP
  
  12288:Q9jXIMlSia8JyH8d3zScOC9Y/OiaWVVJL0GGCXNc/5:UjRNauycd3zSA19+Q+u5
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan