Extracted

• • Target

    0a62af46dcf7072571e40cd9d6091bb04b62e88e043496127b36871fb07b534aN

  • Size

    430KB

  • MD5

    e0d6a1a9287d1408cd21559123d7b240

  • SHA1

    6bf371c744dcbafa061a3566e1e99c91ff134178

  • SHA256

    0a62af46dcf7072571e40cd9d6091bb04b62e88e043496127b36871fb07b534a

  • SHA512

    03bc5cd56f73fb1592544a719ca79cc8d867b3e0b0f4fc3e042ab3b4e4352417f37a4e9a8c3ba23df0c0d15d177fd9c2abf702c0310d04550f3f0bec9b24c3b8

  • SSDEEP

    6144:WYmHLKxXSSe9bGVGy4AmQ9ayfHBAfmhX5mggooeP3jvWmzi3MizYqI/xhrv9:TUmgb5Amma6BAf+5mOjvW13XIh79

  Score

  10^/10

  darkcometguest16discoveryrattrojanupx

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2