darkcomet

General

Target

Dark comet .zip
Size

28.2MB
Sample

240927-vb4whasann
MD5

6ce1cd8300530d17acb12e1f5334aca8
SHA1

917b27bd22111378a7213b0f50fec5900b3039d5
SHA256

271f0a2954d67b4e05703a47ff9379033e854943e0ee2c0ea9581a28639b498a
SHA512

a5c5913edbdb49886adb30cfd14610d868da49e293202bbb45de01490eaff5cd0003f233179fb52380e93dbac2aea7a14f54758d03534093481979f09bc27fa9
SSDEEP

786432:h5i+5RVRwkK0ByT5klcPPw/6e3Dx7W+zFvnZV1zqmp5o6K:u+5RVOkK0w54cPY/6e3dS+zNnZVc0xK

Score

10^/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

127.0.0.1:1604

Mutex

DCMIN_MUTEX-6NVM9VT

Attributes

InstallPath
DCSCMIN\IMDCSC.exe
gencode
UK2Bgjd1gQ7p
install
true
offline_keylogger
true
persistence
false
reg_key
DarkComet RAT

Targets

- Target
  
  Dark comet .zip
- Size
  
  28.2MB
- MD5
  
  6ce1cd8300530d17acb12e1f5334aca8
- SHA1
  
  917b27bd22111378a7213b0f50fec5900b3039d5
- SHA256
  
  271f0a2954d67b4e05703a47ff9379033e854943e0ee2c0ea9581a28639b498a
- SHA512
  
  a5c5913edbdb49886adb30cfd14610d868da49e293202bbb45de01490eaff5cd0003f233179fb52380e93dbac2aea7a14f54758d03534093481979f09bc27fa9
- SSDEEP
  
  786432:h5i+5RVRwkK0ByT5klcPPw/6e3Dx7W+zFvnZV1zqmp5o6K:u+5RVOkK0w54cPY/6e3dS+zNnZVc0xK
Score

1^/10
behavioral1
- Target
  
  Dark comet /Dark Comet 5.3.zip
- Size
  
  15.2MB
- MD5
  
  b96d5b0ff3c8f7952d67d2b6f7b651c5
- SHA1
  
  afca13aa7b084954ea8263e54dc498bd75135c92
- SHA256
  
  9f5bff6b61033f3e7c14f331a108731a6a03deb1edbb95a5e772fb692e6b55b7
- SHA512
  
  917f9f5136532a7b8d62c35692a297d265ce95c635390d234089764d2b158aa868ece71a3fdee59312605e497a1f357f00393957877fc9e492148c5c2099637a
- SSDEEP
  
  393216:GlgvAGb6lo3sKE6fePOul3jbVKEVGiKkJmwoMQaMNGL:GGoGbSTKE7x33BGiKkJmjMQXsL
Score

1^/10
behavioral2
- Target
  
  Dark Comet 5.3/Dark Comet/DarkComet.exe
- Size
  
  11.3MB
- MD5
  
  d761f3aa64064a706a521ba14d0f8741
- SHA1
  
  ab7382bcfdf494d0327fccce9c884592bcc1adeb
- SHA256
  
  21ca06b18698d14154a45822aaae1e3837d168cc7630bcd3ec3d8c68aaa959e6
- SHA512
  
  d2274c03f805a5cd62104492e154fc225c3f6997091accb2f4bff165308fc82ba0d9adf185ec744222bcb4ece08d1ba754a35a2d88c10c5743f4d2e66494377f
- SSDEEP
  
  196608:TPvqxSrDTVokQwhM/kSEMTQINokXJw7lW740VeqQPR:LCxSrFokQw2NjUYuWU0t
Score

10^/10

darkcomet discovery rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3
- Target
  
  Dark comet /DarkComet-RAT v4.2F fwb.zip
- Size
  
  13.1MB
- MD5
  
  8fb62b5bc21a9812904a2eacd2e90101
- SHA1
  
  a15485127aad779355c3508ce89f4197c987d66b
- SHA256
  
  f0320be554bd4a09517c59108113c315d8274eba94c3eb1c51ce2f5af9ee38ab
- SHA512
  
  92a2fd81326977a4e4bd46f7772be0f67b82ec8f3af2b4374e30c9f71d9b380143128c39e657245979b94f62343ba90b6d963ca155c5f9f6a225c910c64c4447
- SSDEEP
  
  393216:zP/+gLHEj+gCFCVfrPbVKgYnDYOjw4QFRJLVa:zegLHEMC1zMnDYOjvQFHLVa
Score

1^/10
behavioral4
- Target
  
  DarkComet-RAT v4.2F fwb/DarkComet/DarkComet.exe
- Size
  
  9.8MB
- MD5
  
  725c03e97e1f33bef9f47021ad8883b6
- SHA1
  
  3912db7b2070537178af5134f27bd508a6b0245f
- SHA256
  
  bc01c98fcd3e3bcf836254ba2ea39813c9129c342a609fc8c9dfc59b94f0a2f6
- SHA512
  
  c0e51a8ce83487a51bc577335ccd678bf238e6f94d6db5e7d9f1a52a864fa23bdd65e39ab494367f7730e9011533dda128b045344672759d04f2f60890149ea2
- SSDEEP
  
  98304:A2zCi/L6DZ9Zf3XdKcde8vorlBSFZyqBAc7c1KNkaoCY6ptXvja0NPIXlVqkoe/e:vzC5DZ/Xdns6oZ1EMDao+vjaCwWb0e
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral5