darkcomet | bc520368f922bcf3d5a4f438bc07b998777927eda6be31cea2c9b0be57d08ddf | Triage

Sharing

General

Target

18dc9620f6dff64d200505bfe62cf6a9_JaffaCakes118
Size

333KB
Sample

241006-t3gplsyakf
MD5

18dc9620f6dff64d200505bfe62cf6a9
SHA1

42f09dda001e88023a463936dc1a608279e16806
SHA256

bc520368f922bcf3d5a4f438bc07b998777927eda6be31cea2c9b0be57d08ddf
SHA512

fef7caee155a504f76f6f7597d5e128881f3538eb52758d76442dee794d55cd266e13826746ead5a20d02b2397e5061b0039d03976f43e8b36e45f7e9bc7bd80
SSDEEP

6144:5+mDUj24gqbrXJ9Q0ExNIoMARxx34ELdK7MEmcWuCTxapkaRTiq9aH:cqUj2LErXJG00NIovRHIod6MEua2aRTW

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

legion123.no-ip.biz:81

Mutex

DC_MUTEX-SK1WXRD

Attributes

gencode
avWUHrfAgMH7
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  18dc9620f6dff64d200505bfe62cf6a9_JaffaCakes118
- Size
  
  333KB
- MD5
  
  18dc9620f6dff64d200505bfe62cf6a9
- SHA1
  
  42f09dda001e88023a463936dc1a608279e16806
- SHA256
  
  bc520368f922bcf3d5a4f438bc07b998777927eda6be31cea2c9b0be57d08ddf
- SHA512
  
  fef7caee155a504f76f6f7597d5e128881f3538eb52758d76442dee794d55cd266e13826746ead5a20d02b2397e5061b0039d03976f43e8b36e45f7e9bc7bd80
- SSDEEP
  
  6144:5+mDUj24gqbrXJ9Q0ExNIoMARxx34ELdK7MEmcWuCTxapkaRTiq9aH:cqUj2LErXJG00NIovRHIod6MEua2aRTW
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan