General

  • Target

    8a387ed7c415553e0b196cc91e975b4f1de4d9212f9f82aaccc5ebf2e68965a2

  • Size

    658KB

  • Sample

    240914-3dx5qssgqf

  • MD5

    8b6332828d48d0c640fc3bbe1120cfa9

  • SHA1

    6582266a29c36a3fb9f7bf157d465ff9843b4bef

  • SHA256

    8a387ed7c415553e0b196cc91e975b4f1de4d9212f9f82aaccc5ebf2e68965a2

  • SHA512

    07719e8a78c85fc14dfe74a47caf548a09fa112c56876455806562674bb27aaa8dc136fd40b67a8eaba961d53a4c9c3a6230637bafe49feb0a52defe8de48703

  • SSDEEP

    12288:29HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFZ:SiBIGkbxqEcjsWiDxguehC2SW

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-MLSJZEK

Attributes
  • gencode

    NzJ0ZsZsDhVk

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      8a387ed7c415553e0b196cc91e975b4f1de4d9212f9f82aaccc5ebf2e68965a2

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
