darkcomet | e2a3149d18203f95828ad74f60f727bba1f17b1b5f46065286503b8b5c60a99c | Triage

Submit
Reports

Overview

overview

Static

static

3

569836e8df...18.exe

windows7-x64

569836e8df...18.exe

windows10-2004-x64

Sharing

General

Target

569836e8dfcace744163a000d7f00ee7_JaffaCakes118
Size

2.3MB
Sample

241018-k4twws1drm
MD5

569836e8dfcace744163a000d7f00ee7
SHA1

5f58ae8450b0c2cdda87adc80cabb390f50f35ff
SHA256

e2a3149d18203f95828ad74f60f727bba1f17b1b5f46065286503b8b5c60a99c
SHA512

dded2c79c56bb692073733231614b1f84969c5461e4f9628212b220a5158b20dbfe687320da7ef3bdf0df77d03c63bf8c42c45bd937fd99b1c32a211d4b2dda3
SSDEEP

49152:MehBswx41bdH/dCIeD4L6OIlZWmJ6q5DEp9:3fzx4ldFCx4L6PZ95DEn

Score

10^/10

darkcomet discovery rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

569836e8dfcace744163a000d7f00ee7_JaffaCakes118.exe

Resource

win7-20240903-en

darkcomet discovery rat trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

569836e8dfcace744163a000d7f00ee7_JaffaCakes118.exe

Resource

win10v2004-20241007-en

darkcomet discovery rat trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  569836e8dfcace744163a000d7f00ee7_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  569836e8dfcace744163a000d7f00ee7
- SHA1
  
  5f58ae8450b0c2cdda87adc80cabb390f50f35ff
- SHA256
  
  e2a3149d18203f95828ad74f60f727bba1f17b1b5f46065286503b8b5c60a99c
- SHA512
  
  dded2c79c56bb692073733231614b1f84969c5461e4f9628212b220a5158b20dbfe687320da7ef3bdf0df77d03c63bf8c42c45bd937fd99b1c32a211d4b2dda3
- SSDEEP
  
  49152:MehBswx41bdH/dCIeD4L6OIlZWmJ6q5DEp9:3fzx4ldFCx4L6PZ95DEn
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan

© 2018-2024

Terms | Privacy