darkcomet | e43c03c2941f7500fa0ced3e83fe7629b48dd4755fc924c21cb555600b5d0d79 | Triage

Sharing

General

Target

4b630c873b396b16fb7fb6155218d48d_JaffaCakes118
Size

997KB
Sample

241016-e2ndfawgqq
MD5

4b630c873b396b16fb7fb6155218d48d
SHA1

240bfea34932753e309f2f8820f87984e25553d0
SHA256

e43c03c2941f7500fa0ced3e83fe7629b48dd4755fc924c21cb555600b5d0d79
SHA512

123fabe4b5d034265d69f917aeac8bb1570b63059e3ba98326787a9a041e5f42d6e67641d778b40ceb9a6fe333ab0ba5ba903f83f31172385fa0db967edc2fa9
SSDEEP

24576:iyR1QouzD66qgHbBviIMRS0MAclT9MWaHUkGzM:iUOujg7BfiMflGL

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  4b630c873b396b16fb7fb6155218d48d_JaffaCakes118
- Size
  
  997KB
- MD5
  
  4b630c873b396b16fb7fb6155218d48d
- SHA1
  
  240bfea34932753e309f2f8820f87984e25553d0
- SHA256
  
  e43c03c2941f7500fa0ced3e83fe7629b48dd4755fc924c21cb555600b5d0d79
- SHA512
  
  123fabe4b5d034265d69f917aeac8bb1570b63059e3ba98326787a9a041e5f42d6e67641d778b40ceb9a6fe333ab0ba5ba903f83f31172385fa0db967edc2fa9
- SSDEEP
  
  24576:iyR1QouzD66qgHbBviIMRS0MAclT9MWaHUkGzM:iUOujg7BfiMflGL
Score

10^/10

discovery darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

darkcometdiscoveryrattrojan