darkcomet | a3f490659b60e4d2cb7bec8d48c91d2b4b3cbe1a2608ad441f66d6c375310a57 | Triage

Sharing

General

Target

1b9fbc46ff47f1cbde60aef5ef3de936_JaffaCakes118
Size

658KB
Sample

241007-fp414a1elc
MD5

1b9fbc46ff47f1cbde60aef5ef3de936
SHA1

9ecd185914a2bcc6c2f467bfb22e3cbd9c1f244f
SHA256

a3f490659b60e4d2cb7bec8d48c91d2b4b3cbe1a2608ad441f66d6c375310a57
SHA512

b016bc74b9c555249adecd2a0cf0da5acc7710fb6e2e6e99374bc7b156fac63b8f4222fe7f9b854c5fae5ab8c3b20dca5037b64ed3cf3da2cb119ff911708222
SSDEEP

12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h7:WZ1xuVVjfFoynPaVBUR8f+kN10EBh

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

adamosmm13.no-ip.biz:1604

Mutex

DC_MUTEX-52Q0DJ0

Attributes

gencode
xH47lUMNea53
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  1b9fbc46ff47f1cbde60aef5ef3de936_JaffaCakes118
- Size
  
  658KB
- MD5
  
  1b9fbc46ff47f1cbde60aef5ef3de936
- SHA1
  
  9ecd185914a2bcc6c2f467bfb22e3cbd9c1f244f
- SHA256
  
  a3f490659b60e4d2cb7bec8d48c91d2b4b3cbe1a2608ad441f66d6c375310a57
- SHA512
  
  b016bc74b9c555249adecd2a0cf0da5acc7710fb6e2e6e99374bc7b156fac63b8f4222fe7f9b854c5fae5ab8c3b20dca5037b64ed3cf3da2cb119ff911708222
- SSDEEP
  
  12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h7:WZ1xuVVjfFoynPaVBUR8f+kN10EBh
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan