darkcomet

General

Target

bfddcb9f18a3d23067437604d38fb705_JaffaCakes118
Size

233KB
Sample

240825-bz1n7ssgpl
MD5

bfddcb9f18a3d23067437604d38fb705
SHA1

46f33b33c07bdf23aec73939d13012274d869416
SHA256

dfd4ab321c78e201145ab51520eb59a26a734746a0e9335d7d696764ae22502f
SHA512

ffe5b2124ca058d24ffa248fd7c37c7f5c66242e2a0577bd733499e87683df533a8b41455ac663c682eb55ff909435236c1b000602b0877bdac05aa8eb1a3ace
SSDEEP

6144:Lc9WgRW/knqNzenrsMNZs/Sp5mWp296aFBtweGQApAWoS:ApRHpNZN9p296aFYZpNoS

Score

10^/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

handsomehearteng.zapto.org:1604

Mutex

DCMIN_MUTEX-PET76MS

Attributes

gencode
4sLxuNQC3An3
install
false
offline_keylogger
true
persistence
false

Extracted

Family

latentbot

C2

handsomehearteng.zapto.org

Targets

- Target
  
  bfddcb9f18a3d23067437604d38fb705_JaffaCakes118
- Size
  
  233KB
- MD5
  
  bfddcb9f18a3d23067437604d38fb705
- SHA1
  
  46f33b33c07bdf23aec73939d13012274d869416
- SHA256
  
  dfd4ab321c78e201145ab51520eb59a26a734746a0e9335d7d696764ae22502f
- SHA512
  
  ffe5b2124ca058d24ffa248fd7c37c7f5c66242e2a0577bd733499e87683df533a8b41455ac663c682eb55ff909435236c1b000602b0877bdac05aa8eb1a3ace
- SSDEEP
  
  6144:Lc9WgRW/knqNzenrsMNZs/Sp5mWp296aFBtweGQApAWoS:ApRHpNZN9p296aFYZpNoS
Score

10^/10

darkcomet latentbot guest16_min discovery rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

LatentBot

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2