darkcomet | ccaa41842daa38145940f89de8b2ae91f66d99edcce53dfb9ab2ad203f9702ec | Triage

Submit
Reports

Overview

overview

Static

static

e1e41642fa...18.exe

windows7-x64

e1e41642fa...18.exe

windows10-2004-x64

Sharing

General

Target

e1e41642fab121116849e1e950ead040_JaffaCakes118
Size

717KB
Sample

240915-g9n12szhlr
MD5

e1e41642fab121116849e1e950ead040
SHA1

b67ed6f514ab9bcc4a4bc482aaac4b8ff523e7c9
SHA256

ccaa41842daa38145940f89de8b2ae91f66d99edcce53dfb9ab2ad203f9702ec
SHA512

ade46233c72da060af49cd0a8a9fe6939d36c2ce333197263c918bfce4103e060d1ace5b55f5a4aaa8c11051d0e36e6493663823be758d42e7ad5e4159e4282f
SSDEEP

12288:NpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIb:vwAcu99lPzvxP+Bsz2XjWTRMQckkIb

Score

10^/10

darkcomet discovery rat trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

e1e41642fab121116849e1e950ead040_JaffaCakes118.exe

Resource

win7-20240903-en

darkcomet discovery rat trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1e41642fab121116849e1e950ead040_JaffaCakes118.exe

Resource

win10v2004-20240802-en

darkcomet discovery rat trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  e1e41642fab121116849e1e950ead040_JaffaCakes118
- Size
  
  717KB
- MD5
  
  e1e41642fab121116849e1e950ead040
- SHA1
  
  b67ed6f514ab9bcc4a4bc482aaac4b8ff523e7c9
- SHA256
  
  ccaa41842daa38145940f89de8b2ae91f66d99edcce53dfb9ab2ad203f9702ec
- SHA512
  
  ade46233c72da060af49cd0a8a9fe6939d36c2ce333197263c918bfce4103e060d1ace5b55f5a4aaa8c11051d0e36e6493663823be758d42e7ad5e4159e4282f
- SSDEEP
  
  12288:NpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIb:vwAcu99lPzvxP+Bsz2XjWTRMQckkIb
Score

10^/10

darkcomet discovery rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojanupx

behavioral2

darkcometdiscoveryrattrojanupx

© 2018-2024

Terms | Privacy