darkcomet | 4eec0c5dbac8499c6c358576935a23e3d42e18cb7154e553ab34a6621572b197 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b566e34340f98cefdb2ca81f2e10ca7a_JaffaCakes118
Size

1.5MB
Sample

240821-214elayhpm
MD5

b566e34340f98cefdb2ca81f2e10ca7a
SHA1

6ece202b21aa283e99625fe2e9ec4b4578a54569
SHA256

4eec0c5dbac8499c6c358576935a23e3d42e18cb7154e553ab34a6621572b197
SHA512

0f727534bce7c3a4a95d3982f817a222345e709c55e1e85188710e60acd883a40e9cdbe4ab091df2699488907274bb58ab9624a2fc87491da162942e7c9614cf
SSDEEP

24576:XQOu6L7S9aKrQxPj4ATRP27bTjvHFcS3X:gOu6LS

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  b566e34340f98cefdb2ca81f2e10ca7a_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  b566e34340f98cefdb2ca81f2e10ca7a
- SHA1
  
  6ece202b21aa283e99625fe2e9ec4b4578a54569
- SHA256
  
  4eec0c5dbac8499c6c358576935a23e3d42e18cb7154e553ab34a6621572b197
- SHA512
  
  0f727534bce7c3a4a95d3982f817a222345e709c55e1e85188710e60acd883a40e9cdbe4ab091df2699488907274bb58ab9624a2fc87491da162942e7c9614cf
- SSDEEP
  
  24576:XQOu6L7S9aKrQxPj4ATRP27bTjvHFcS3X:gOu6LS
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan