darkcomet | abbcd4d75bd5e1e979451a5e59e71fb9de374e7976fbe73ba57c9aa747d1aff1 | Triage

Submit
Reports

Overview

overview

Static

static

18d57a24f9...18.exe

windows7-x64

18d57a24f9...18.exe

windows10-2004-x64

Sharing

General

Target

18d57a24f9cccf227dc37b073ee86dfd_JaffaCakes118
Size

252KB
Sample

241006-tw9rtaxfrh
MD5

18d57a24f9cccf227dc37b073ee86dfd
SHA1

2abda87eca6c739e277beb326135be2200c05661
SHA256

abbcd4d75bd5e1e979451a5e59e71fb9de374e7976fbe73ba57c9aa747d1aff1
SHA512

4182329c032ba90607413443c24ec502f15e6b3eefe700acf2e742b5055669b9d5d4b9bfa36f018550306dc7150ec4ee47bf1c1494515e998fe4d8b09eea29c5
SSDEEP

6144:XD7cY2fgssM7Wirg9KXylmRiL+QMeC/i6isqX7UovnONztByipwxZ:Xl8E4w5huat7UovONzbXw

Score

10^/10

darkcomet hf discovery rat trojan upx

Static task

static1

upx hf darkcomet

3 signatures

Behavioral task

behavioral1

Sample

18d57a24f9cccf227dc37b073ee86dfd_JaffaCakes118.exe

Resource

win7-20240903-en

darkcomet hf discovery rat trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

18d57a24f9cccf227dc37b073ee86dfd_JaffaCakes118.exe

Resource

win10v2004-20240802-en

darkcomet hf discovery rat trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

HF

C2

86.105.190.50:1604

Mutex

DC_MUTEX-NEC6V77

Attributes

gencode
q1282i1hj9jX
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  18d57a24f9cccf227dc37b073ee86dfd_JaffaCakes118
- Size
  
  252KB
- MD5
  
  18d57a24f9cccf227dc37b073ee86dfd
- SHA1
  
  2abda87eca6c739e277beb326135be2200c05661
- SHA256
  
  abbcd4d75bd5e1e979451a5e59e71fb9de374e7976fbe73ba57c9aa747d1aff1
- SHA512
  
  4182329c032ba90607413443c24ec502f15e6b3eefe700acf2e742b5055669b9d5d4b9bfa36f018550306dc7150ec4ee47bf1c1494515e998fe4d8b09eea29c5
- SSDEEP
  
  6144:XD7cY2fgssM7Wirg9KXylmRiL+QMeC/i6isqX7UovnONztByipwxZ:Xl8E4w5huat7UovONzbXw
Score

10^/10

darkcomet hf discovery rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcomethfdiscoveryrattrojanupx

behavioral2

darkcomethfdiscoveryrattrojanupx

© 2018-2025

Terms | Privacy