darkcomet | 0ed8ae6930f266f5d6800fcbfc5fb660b287511b5ba50a87b1e5369fa81b37b6 | Triage

Sharing

General

Target

6e644bab6733c8423b126205eebba4f5_JaffaCakes118
Size

776KB
Sample

241023-mfvjmavcna
MD5

6e644bab6733c8423b126205eebba4f5
SHA1

f1251a9b59048227de476460875fee17b08a173c
SHA256

0ed8ae6930f266f5d6800fcbfc5fb660b287511b5ba50a87b1e5369fa81b37b6
SHA512

96a98ce945c7770496394d8c86503b9951b72bac6cbccf023234b02c9484d6afca68b0fa22653b2ab895981fb6c0dee6495aaf851fec88f6d8f3c67c554d0283
SSDEEP

12288:kw7KC+ure8TDKgPAy7q8yT3krcoy8/hdb0op1OZqmDJjtfkEMhoE271Azw3vM/H3:/KCJK8KFbZTtoy8pdYcsZNREc3qPkvm

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  6e644bab6733c8423b126205eebba4f5_JaffaCakes118
- Size
  
  776KB
- MD5
  
  6e644bab6733c8423b126205eebba4f5
- SHA1
  
  f1251a9b59048227de476460875fee17b08a173c
- SHA256
  
  0ed8ae6930f266f5d6800fcbfc5fb660b287511b5ba50a87b1e5369fa81b37b6
- SHA512
  
  96a98ce945c7770496394d8c86503b9951b72bac6cbccf023234b02c9484d6afca68b0fa22653b2ab895981fb6c0dee6495aaf851fec88f6d8f3c67c554d0283
- SSDEEP
  
  12288:kw7KC+ure8TDKgPAy7q8yT3krcoy8/hdb0op1OZqmDJjtfkEMhoE271Azw3vM/H3:/KCJK8KFbZTtoy8pdYcsZNREc3qPkvm
Score

10^/10

discovery darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

darkcometdiscoveryrattrojan