darkcomet | dc23173da7de7acde799a610c3bca882d265683944bcac6646f87248e06dd672 | Triage

Sharing

General

Target

7d029fc9e5d3d0f417da7415da90c25f_JaffaCakes118
Size

634KB
Sample

241029-2rjc3aspbm
MD5

7d029fc9e5d3d0f417da7415da90c25f
SHA1

df4a2e9138078207f0bd0208a040aca70f59e840
SHA256

dc23173da7de7acde799a610c3bca882d265683944bcac6646f87248e06dd672
SHA512

3ce80c236e612339f506ddab935952a0b6d4e195bbc26397814bdafe9ff1d88f38723eae0ed5fbe70f2de7b42857a210bf0c170c978d26601328c0a23fd5bc96
SSDEEP

12288:cpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIXn/J:mwAcu99lPzvxP+Bsz2XjWTRMQckkIXnx

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  7d029fc9e5d3d0f417da7415da90c25f_JaffaCakes118
- Size
  
  634KB
- MD5
  
  7d029fc9e5d3d0f417da7415da90c25f
- SHA1
  
  df4a2e9138078207f0bd0208a040aca70f59e840
- SHA256
  
  dc23173da7de7acde799a610c3bca882d265683944bcac6646f87248e06dd672
- SHA512
  
  3ce80c236e612339f506ddab935952a0b6d4e195bbc26397814bdafe9ff1d88f38723eae0ed5fbe70f2de7b42857a210bf0c170c978d26601328c0a23fd5bc96
- SSDEEP
  
  12288:cpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIXn/J:mwAcu99lPzvxP+Bsz2XjWTRMQckkIXnx
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan