darkcomet | 3a9bcf6f7309dfa32c37b0f95b02ca5894c5269840eac7981d5dffa480488896 | Triage

Submit
Reports

Overview

overview

Static

static

e265340a50...18.exe

windows7-x64

e265340a50...18.exe

windows10-2004-x64

Sharing

General

Target

e265340a508e32cc11b3f5673f3c8cf2_JaffaCakes118
Size

991KB
Sample

240915-nshahasfpk
MD5

e265340a508e32cc11b3f5673f3c8cf2
SHA1

50cf8d26050a3234afba15c35ae71c7aa8231fd3
SHA256

3a9bcf6f7309dfa32c37b0f95b02ca5894c5269840eac7981d5dffa480488896
SHA512

627edfda64ef5f339b34c466e6418f7a8d9d0ddd4fd7803d614f124c902ee1f37d44665ea2d7a12f36ad1959caec923a2babc72fa335a6186acc213d32109415
SSDEEP

24576:G3nbWmJVJFwSddIXvfhqbiaxvRFq5JzR:QamdZdcBY4tR

Score

10^/10

darkcomet latentbot discovery rat trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

e265340a508e32cc11b3f5673f3c8cf2_JaffaCakes118.exe

Resource

win7-20240903-en

darkcomet latentbot discovery rat trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e265340a508e32cc11b3f5673f3c8cf2_JaffaCakes118.exe

Resource

win10v2004-20240802-en

darkcomet latentbot discovery rat trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

latentbot

C2

winterdemon.zapto.org

Targets

- Target
  
  e265340a508e32cc11b3f5673f3c8cf2_JaffaCakes118
- Size
  
  991KB
- MD5
  
  e265340a508e32cc11b3f5673f3c8cf2
- SHA1
  
  50cf8d26050a3234afba15c35ae71c7aa8231fd3
- SHA256
  
  3a9bcf6f7309dfa32c37b0f95b02ca5894c5269840eac7981d5dffa480488896
- SHA512
  
  627edfda64ef5f339b34c466e6418f7a8d9d0ddd4fd7803d614f124c902ee1f37d44665ea2d7a12f36ad1959caec923a2babc72fa335a6186acc213d32109415
- SSDEEP
  
  24576:G3nbWmJVJFwSddIXvfhqbiaxvRFq5JzR:QamdZdcBY4tR
Score

10^/10

darkcomet latentbot discovery rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometlatentbotdiscoveryrattrojanupx

behavioral2

darkcometlatentbotdiscoveryrattrojanupx

© 2018-2024

Terms | Privacy