darkcomet | b69aea3925e1687e8fc644c6e666d666798910375b76d95d96e13ec3da991754 | Triage

Sharing

General

Target

57271dd79a64644596e66c5da25c3c02_JaffaCakes118
Size

897KB
Sample

241018-ne474stfme
MD5

57271dd79a64644596e66c5da25c3c02
SHA1

7261bfb35512d95bb81b1818e85443852429aad1
SHA256

b69aea3925e1687e8fc644c6e666d666798910375b76d95d96e13ec3da991754
SHA512

9be1f816722da7c5ee72ade11555aa485b8e3b0b125d4a35771bc2bd52d15cfa4b4d5f66b64893c01cf24f9d9e98267aa2e69541aa8f8c0fe3ba84ebbdb910a4
SSDEEP

24576:h8yGfierWHXKYOXJlQZfqj64sb/GbOCe:R1j3xYlmb/G

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  57271dd79a64644596e66c5da25c3c02_JaffaCakes118
- Size
  
  897KB
- MD5
  
  57271dd79a64644596e66c5da25c3c02
- SHA1
  
  7261bfb35512d95bb81b1818e85443852429aad1
- SHA256
  
  b69aea3925e1687e8fc644c6e666d666798910375b76d95d96e13ec3da991754
- SHA512
  
  9be1f816722da7c5ee72ade11555aa485b8e3b0b125d4a35771bc2bd52d15cfa4b4d5f66b64893c01cf24f9d9e98267aa2e69541aa8f8c0fe3ba84ebbdb910a4
- SSDEEP
  
  24576:h8yGfierWHXKYOXJlQZfqj64sb/GbOCe:R1j3xYlmb/G
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan