darkcomet | f97a0c03bb0b5500dbe1e4b6c6a91febb1a7569fd8ca68d91def011dc39e92b3 | Triage

Sharing

General

Target

a842987b1f6682d15608f135c7f63066_JaffaCakes118
Size

758KB
Sample

240818-z8afdaveqb
MD5

a842987b1f6682d15608f135c7f63066
SHA1

1ee7df80fef5d68a2b5b2bdb3899098d0c5449d1
SHA256

f97a0c03bb0b5500dbe1e4b6c6a91febb1a7569fd8ca68d91def011dc39e92b3
SHA512

56d2f5edc397611ee4c7efb794f124dcf8d8531c6fbb1e2f2d1dd6f6d02c0839d873ba5c7d7db5b2be5561e97fc6de86e5154895cd92206e41c8bcc1e32a5ba8
SSDEEP

12288:oxGwXJLo2caCllqpx+IWaqhSiAOy9HM4vhJhyL2yelPGXZgCyolk3+xePU:oxxo5epwIh0Sp917AguXCChk4e8

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  a842987b1f6682d15608f135c7f63066_JaffaCakes118
- Size
  
  758KB
- MD5
  
  a842987b1f6682d15608f135c7f63066
- SHA1
  
  1ee7df80fef5d68a2b5b2bdb3899098d0c5449d1
- SHA256
  
  f97a0c03bb0b5500dbe1e4b6c6a91febb1a7569fd8ca68d91def011dc39e92b3
- SHA512
  
  56d2f5edc397611ee4c7efb794f124dcf8d8531c6fbb1e2f2d1dd6f6d02c0839d873ba5c7d7db5b2be5561e97fc6de86e5154895cd92206e41c8bcc1e32a5ba8
- SSDEEP
  
  12288:oxGwXJLo2caCllqpx+IWaqhSiAOy9HM4vhJhyL2yelPGXZgCyolk3+xePU:oxxo5epwIh0Sp917AguXCChk4e8
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan