darkcomet | 1fd32c971eda8cca68cd14a4bf8e19a198c077dc1203e850937feba31977772c | Triage

Sharing

General

Target

84d7842c875a2e57d917981495788e67_JaffaCakes118
Size

667KB
Sample

241102-f9ayrazblb
MD5

84d7842c875a2e57d917981495788e67
SHA1

810e496f758b424ae70d120bbc50ee0c1647b056
SHA256

1fd32c971eda8cca68cd14a4bf8e19a198c077dc1203e850937feba31977772c
SHA512

55c948af45fbba702eb2573e0abf206bad86a8245704af80f812ce6f9385fc8c47847699babbc903bacae8694b80d756bfa6d8a625e56640a5ac438a15e32e7a
SSDEEP

12288:KfFcGAT79cO2ZKpKHNMF4lSHgojKs6iVjXU8Qfyr/GL01r:IpYoZKEMFLHgoTzVjk8QKLGLsr

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  84d7842c875a2e57d917981495788e67_JaffaCakes118
- Size
  
  667KB
- MD5
  
  84d7842c875a2e57d917981495788e67
- SHA1
  
  810e496f758b424ae70d120bbc50ee0c1647b056
- SHA256
  
  1fd32c971eda8cca68cd14a4bf8e19a198c077dc1203e850937feba31977772c
- SHA512
  
  55c948af45fbba702eb2573e0abf206bad86a8245704af80f812ce6f9385fc8c47847699babbc903bacae8694b80d756bfa6d8a625e56640a5ac438a15e32e7a
- SSDEEP
  
  12288:KfFcGAT79cO2ZKpKHNMF4lSHgojKs6iVjXU8Qfyr/GL01r:IpYoZKEMFLHgoTzVjk8QKLGLsr
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan