darkcomet | bccaafee70ae1c45bc486a9dfcc5e93bb76926c7eef37c795dbf0d63539e5227 | Triage

Submit
Reports

Overview

overview

Static

static

3

832f277a3c...18.exe

windows7-x64

832f277a3c...18.exe

windows10-2004-x64

Sharing

General

Target

832f277a3cb8ce3f11e9d69a2543b7c6_JaffaCakes118
Size

1.1MB
Sample

241031-qwm19sxng1
MD5

832f277a3cb8ce3f11e9d69a2543b7c6
SHA1

ec8bad1d3eab0f13dbc42a563dca337933e8c648
SHA256

bccaafee70ae1c45bc486a9dfcc5e93bb76926c7eef37c795dbf0d63539e5227
SHA512

21a43a57b7994f7b6682b99b67199e24e1af203a8a1116491d4f42e6ca919e1e9f020d5172dd91a95e63229c71061d64954c4ac22f8b5036c6cc9ac3c3f0aa75
SSDEEP

12288:ZO3b12UvyapNeALRAHnuWmH/cHYZpghcTAjbNsjj59XksJ65sY59iD11WKs:ZOxzU/qcuAjbNsjj5+8esY58i

Score

10^/10

darkcomet discovery rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

832f277a3cb8ce3f11e9d69a2543b7c6_JaffaCakes118.exe

Resource

win7-20241023-en

darkcomet discovery rat trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

832f277a3cb8ce3f11e9d69a2543b7c6_JaffaCakes118.exe

Resource

win10v2004-20241007-en

darkcomet discovery rat trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  832f277a3cb8ce3f11e9d69a2543b7c6_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  832f277a3cb8ce3f11e9d69a2543b7c6
- SHA1
  
  ec8bad1d3eab0f13dbc42a563dca337933e8c648
- SHA256
  
  bccaafee70ae1c45bc486a9dfcc5e93bb76926c7eef37c795dbf0d63539e5227
- SHA512
  
  21a43a57b7994f7b6682b99b67199e24e1af203a8a1116491d4f42e6ca919e1e9f020d5172dd91a95e63229c71061d64954c4ac22f8b5036c6cc9ac3c3f0aa75
- SSDEEP
  
  12288:ZO3b12UvyapNeALRAHnuWmH/cHYZpghcTAjbNsjj59XksJ65sY59iD11WKs:ZOxzU/qcuAjbNsjj5+8esY58i
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan

© 2018-2024

Terms | Privacy