darkcomet | 708dc38a7f9f12b530f4a4b24827796965e45caa18159152c09cd8725f5f6223 | Triage

Sharing

General

Target

497cc1adf71701d788cf2f3ccfb7e13a_JaffaCakes118
Size

766KB
Sample

241015-xnjgfavhrj
MD5

497cc1adf71701d788cf2f3ccfb7e13a
SHA1

952d3c01c13aa8bde977249cd6447f24e1a3cecf
SHA256

708dc38a7f9f12b530f4a4b24827796965e45caa18159152c09cd8725f5f6223
SHA512

f324ef47bb40bdc2c49f56e87987b6a6be5c6b045fe031660956324ceea469728641021d7c3e40797c38f7aa65bbefacfb0909ac136bd5e1c1bef21d7668e347
SSDEEP

12288:U5ufvoz5f3i27gM2yTWDSAR42uN6C3/ja+Z+poKtjygWS3AJcrBQySwI3XX0uhG3:UkE5f3itM2yTWDSA4137Z+poK9ygWS3p

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  497cc1adf71701d788cf2f3ccfb7e13a_JaffaCakes118
- Size
  
  766KB
- MD5
  
  497cc1adf71701d788cf2f3ccfb7e13a
- SHA1
  
  952d3c01c13aa8bde977249cd6447f24e1a3cecf
- SHA256
  
  708dc38a7f9f12b530f4a4b24827796965e45caa18159152c09cd8725f5f6223
- SHA512
  
  f324ef47bb40bdc2c49f56e87987b6a6be5c6b045fe031660956324ceea469728641021d7c3e40797c38f7aa65bbefacfb0909ac136bd5e1c1bef21d7668e347
- SSDEEP
  
  12288:U5ufvoz5f3i27gM2yTWDSAR42uN6C3/ja+Z+poKtjygWS3AJcrBQySwI3XX0uhG3:UkE5f3itM2yTWDSA4137Z+poK9ygWS3p
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan