darkcomet | e483c64b859031332cbdf8906df1860ea1aebfbf06ffea8edba73dbde4ba07bf | Triage

Sharing

General

Target

6616a629700968191a76d20cae5b7740_JaffaCakes118
Size

692KB
Sample

241021-j14q9awdmf
MD5

6616a629700968191a76d20cae5b7740
SHA1

10d784593ca88b138243d37bf9d0aab03853ad11
SHA256

e483c64b859031332cbdf8906df1860ea1aebfbf06ffea8edba73dbde4ba07bf
SHA512

57b16703a5dc045e837e60b315b51de6400f87ac1b5626b2f6db3c3b49bc279677a6b4f8f03a38d813be675e92b8f0a2ab3283cc28737fe2a96c8814d8211f18
SSDEEP

12288:LrP+fLvLn8M5GRqhfruELfu0AMSYgk04aqMd0QZh9u1:X+Dvb8grumfJAhk1aD0QZh9u1

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

7amza00.zapto.org:922

Mutex

DC_MUTEX-Y91X4DX

Attributes

gencode
tHMm1ixAhhMf
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  6616a629700968191a76d20cae5b7740_JaffaCakes118
- Size
  
  692KB
- MD5
  
  6616a629700968191a76d20cae5b7740
- SHA1
  
  10d784593ca88b138243d37bf9d0aab03853ad11
- SHA256
  
  e483c64b859031332cbdf8906df1860ea1aebfbf06ffea8edba73dbde4ba07bf
- SHA512
  
  57b16703a5dc045e837e60b315b51de6400f87ac1b5626b2f6db3c3b49bc279677a6b4f8f03a38d813be675e92b8f0a2ab3283cc28737fe2a96c8814d8211f18
- SSDEEP
  
  12288:LrP+fLvLn8M5GRqhfruELfu0AMSYgk04aqMd0QZh9u1:X+Dvb8grumfJAhk1aD0QZh9u1
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan