darkcomet | 8e23aeb4ed652d7434de13142fd37457c50139d49b241e9605ab8abd0d6ae96c | Triage

Sharing

General

Target

8e23aeb4ed652d7434de13142fd37457c50139d49b241e9605ab8abd0d6ae96c
Size

1.2MB
Sample

241030-b61msaspat
MD5

0fd75b31e391704f6d8eb2d249ee8e77
SHA1

3c97afddc908b6b040779b7af63c967a5d468fa1
SHA256

8e23aeb4ed652d7434de13142fd37457c50139d49b241e9605ab8abd0d6ae96c
SHA512

45afaa9027a583aa74b9b25156efee4151d033b10b856de68c83b5c231491f403a08820d6774c92342cc1173e6771e2699503654b08ec76eae7a96ddd9305c0e
SSDEEP

24576:EbWOaHn3mWKvkVpjlCzoILZFQ2MsQ+UNzKUiejW1s6jLjaW:E6pWvkVFlUoILZFQ2MM8eneB+Z

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  8e23aeb4ed652d7434de13142fd37457c50139d49b241e9605ab8abd0d6ae96c
- Size
  
  1.2MB
- MD5
  
  0fd75b31e391704f6d8eb2d249ee8e77
- SHA1
  
  3c97afddc908b6b040779b7af63c967a5d468fa1
- SHA256
  
  8e23aeb4ed652d7434de13142fd37457c50139d49b241e9605ab8abd0d6ae96c
- SHA512
  
  45afaa9027a583aa74b9b25156efee4151d033b10b856de68c83b5c231491f403a08820d6774c92342cc1173e6771e2699503654b08ec76eae7a96ddd9305c0e
- SSDEEP
  
  24576:EbWOaHn3mWKvkVpjlCzoILZFQ2MsQ+UNzKUiejW1s6jLjaW:E6pWvkVFlUoILZFQ2MM8eneB+Z
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan