darkcomet | 981ce7959633db1883f12966d8ba7c8bce13ff57a8916fd87a6bbe2dea43cfac | Triage

Sharing

General

Target

6dc8407ba82ec9c53b926ba1d6992387_JaffaCakes118
Size

499KB
Sample

241023-jnnjhaydpe
MD5

6dc8407ba82ec9c53b926ba1d6992387
SHA1

c5ca320304193b41b49441abcaa04351b055982d
SHA256

981ce7959633db1883f12966d8ba7c8bce13ff57a8916fd87a6bbe2dea43cfac
SHA512

95a695ff30bcaefd12a495e39a2983af489039388c96ce382f157b49fda4b1ba140c9fdb8d4b6d132979b161f695658f76f363e673fe1300b5972d39fbc1c337
SSDEEP

12288:Jeckb5KEhacLYenfEMB65lltl52hc3DmJmHw:Jeckb5rhxRn88WrZsZKw

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  6dc8407ba82ec9c53b926ba1d6992387_JaffaCakes118
- Size
  
  499KB
- MD5
  
  6dc8407ba82ec9c53b926ba1d6992387
- SHA1
  
  c5ca320304193b41b49441abcaa04351b055982d
- SHA256
  
  981ce7959633db1883f12966d8ba7c8bce13ff57a8916fd87a6bbe2dea43cfac
- SHA512
  
  95a695ff30bcaefd12a495e39a2983af489039388c96ce382f157b49fda4b1ba140c9fdb8d4b6d132979b161f695658f76f363e673fe1300b5972d39fbc1c337
- SSDEEP
  
  12288:Jeckb5KEhacLYenfEMB65lltl52hc3DmJmHw:Jeckb5rhxRn88WrZsZKw
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan