darkcomet | 5a3062efc5deea81468bbbae917234be3e8e226338ba613afbb651f967c53461 | Triage

Submit
Reports

Overview

overview

Static

static

3

ba98f5ea42...18.exe

windows7-x64

ba98f5ea42...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

ba98f5ea4230a937da854e297f70a656_JaffaCakes118
Size

1.3MB
Sample

240823-gkgknsyblc
MD5

ba98f5ea4230a937da854e297f70a656
SHA1

30febda242957d9eea29f90a8b541272c6d5256c
SHA256

5a3062efc5deea81468bbbae917234be3e8e226338ba613afbb651f967c53461
SHA512

bd8504bd61de24ad5cc2e5de93c7a950b12045ebe5668ebee11bbbcb243c08a5a01edbbbef4e17f6ee3de0d6780c63c9358cb3c368f5502bf21fe7148bf5f96d
SSDEEP

6144:A1ZtoVjBzKyZwfZwTZwUZwLhUTt5tewm0k/lJJUQ1QZw:jG0lyhUH/m0ktlu

Score

10^/10

darkcomet discovery rat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ba98f5ea4230a937da854e297f70a656_JaffaCakes118.exe

Resource

win7-20240729-en

darkcomet discovery rat trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba98f5ea4230a937da854e297f70a656_JaffaCakes118.exe

Resource

win10v2004-20240802-en

darkcomet discovery rat trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ba98f5ea4230a937da854e297f70a656_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  ba98f5ea4230a937da854e297f70a656
- SHA1
  
  30febda242957d9eea29f90a8b541272c6d5256c
- SHA256
  
  5a3062efc5deea81468bbbae917234be3e8e226338ba613afbb651f967c53461
- SHA512
  
  bd8504bd61de24ad5cc2e5de93c7a950b12045ebe5668ebee11bbbcb243c08a5a01edbbbef4e17f6ee3de0d6780c63c9358cb3c368f5502bf21fe7148bf5f96d
- SSDEEP
  
  6144:A1ZtoVjBzKyZwfZwTZwUZwLhUTt5tewm0k/lJJUQ1QZw:jG0lyhUH/m0ktlu
Score

10^/10

darkcomet discovery rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojanupx

behavioral2

darkcometdiscoveryrattrojanupx

© 2018-2025

Terms | Privacy