darkcomet | 7a450fd6d3ed11f90ee5c2d3aefb168d7345c1f9c7b6d3957725e4a35fdb4993 | Triage

Sharing

General

Target

d1cf5a8d87ce8b13645690fc3eb83973_JaffaCakes118
Size

722KB
Sample

240907-nezmma1hmf
MD5

d1cf5a8d87ce8b13645690fc3eb83973
SHA1

6255fa6a4e420501e77955dc1440e57ef8bb47c2
SHA256

7a450fd6d3ed11f90ee5c2d3aefb168d7345c1f9c7b6d3957725e4a35fdb4993
SHA512

b9b585b2757e5e8a32ba7e6c7fc71540010d835ab18f3144eccc8f87e181bce76ab387c8780cda4da8fd2aea865aa75c5e52d5625b52e5fc838f519f43711157
SSDEEP

12288:gFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJE:Q3nbWmJVJFwSddIXvfhqbiaxvRxq9u

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  d1cf5a8d87ce8b13645690fc3eb83973_JaffaCakes118
- Size
  
  722KB
- MD5
  
  d1cf5a8d87ce8b13645690fc3eb83973
- SHA1
  
  6255fa6a4e420501e77955dc1440e57ef8bb47c2
- SHA256
  
  7a450fd6d3ed11f90ee5c2d3aefb168d7345c1f9c7b6d3957725e4a35fdb4993
- SHA512
  
  b9b585b2757e5e8a32ba7e6c7fc71540010d835ab18f3144eccc8f87e181bce76ab387c8780cda4da8fd2aea865aa75c5e52d5625b52e5fc838f519f43711157
- SSDEEP
  
  12288:gFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJE:Q3nbWmJVJFwSddIXvfhqbiaxvRxq9u
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan