General

  • Target

    21011913981581ca754fd207f7f732ac92bca50eb9d738bd7a9f1cab8593f58aN

  • Size

    658KB

  • Sample

    240930-zavcwstfnl

  • MD5

    f226b87c50e6cd0f7e07c446187b5620

  • SHA1

    6e182f8c1f1ff8abfb774594138417091c5c7df0

  • SHA256

    21011913981581ca754fd207f7f732ac92bca50eb9d738bd7a9f1cab8593f58a

  • SHA512

    48d48939743a46ba58721e5daa522235e0d969010d86ce4a95caab8ff6e61e5505b9d794ccacecbb78b067d79c83564875f32bdc0d74169a751f810f5b43aca0

  • SSDEEP

    12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h6:eZ1xuVVjfFoynPaVBUR8f+kN10EBs

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

pisynlol.ddns.net:7777

Mutex

DC_MUTEX-4HZZ8JD

Attributes
  • gencode

    f5pTQWpcFeBQ

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      21011913981581ca754fd207f7f732ac92bca50eb9d738bd7a9f1cab8593f58aN

    • Size

      658KB

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
