darkcomet | ea8e4fda194c9b93c80f62c549b342e06c7079d25a73180f0699775e31c7371b | Triage

Submit
Reports

Overview

overview

Static

static

3

678c941e97...18.exe

windows7-x64

678c941e97...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

678c941e97351d00c4ad788f517a3005_JaffaCakes118
Size

521KB
Sample

240723-pd7saasbmg
MD5

678c941e97351d00c4ad788f517a3005
SHA1

e7f445ad79f4aa13c37e8d7ee3a0ab10c805ac03
SHA256

ea8e4fda194c9b93c80f62c549b342e06c7079d25a73180f0699775e31c7371b
SHA512

97f1cbfb6d92e3b4acb6d6396af4efd4d6dca78ec24dfb5e9eebe73647500477cb6fe37ef115d5e404a64c341602a33073b569710bf2b466781b35d628bd35be
SSDEEP

12288:wAun8MBDxCWo9kvrVHeeC3T2+Asgoi7YxX97ni7c:wAun8MBgWukNC3hhiWNnt

Score

10^/10

darkcomet guest16 rat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

678c941e97351d00c4ad788f517a3005_JaffaCakes118.exe

Resource

win7-20240704-en

darkcomet guest16 rat trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

678c941e97351d00c4ad788f517a3005_JaffaCakes118.exe

Resource

win10v2004-20240709-en

darkcomet guest16 rat trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

ab11.no-ip.biz:1604

Mutex

DC_MUTEX-ENK4SB4

Attributes

gencode
dqVWNGpFujjS
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  678c941e97351d00c4ad788f517a3005_JaffaCakes118
- Size
  
  521KB
- MD5
  
  678c941e97351d00c4ad788f517a3005
- SHA1
  
  e7f445ad79f4aa13c37e8d7ee3a0ab10c805ac03
- SHA256
  
  ea8e4fda194c9b93c80f62c549b342e06c7079d25a73180f0699775e31c7371b
- SHA512
  
  97f1cbfb6d92e3b4acb6d6396af4efd4d6dca78ec24dfb5e9eebe73647500477cb6fe37ef115d5e404a64c341602a33073b569710bf2b466781b35d628bd35be
- SSDEEP
  
  12288:wAun8MBDxCWo9kvrVHeeC3T2+Asgoi7YxX97ni7c:wAun8MBgWukNC3hhiWNnt
Score

10^/10

darkcomet guest16 rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

darkcometguest16rattrojanupx

behavioral2

darkcometguest16rattrojanupx

© 2018-2025

Terms | Privacy