darkcomet | 3af5a3ca414e2f988c1b3d5b8cdf17755311172cb4cd5da48024a590458d05f8 | Triage

Submit
Reports

Overview

overview

Static

static

3

90c5fb280c...18.exe

windows7-x64

90c5fb280c...18.exe

windows10-2004-x64

Sharing

General

Target

90c5fb280c4da17556f6aeaad7fc739f_JaffaCakes118
Size

904KB
Sample

241123-1egs2axnhy
MD5

90c5fb280c4da17556f6aeaad7fc739f
SHA1

7576274fd70d94cf77bfc53c85a18c29cce4367d
SHA256

3af5a3ca414e2f988c1b3d5b8cdf17755311172cb4cd5da48024a590458d05f8
SHA512

df5080e4ff0e74e79e51638da200da8c1699a5929619f64994aa38b267b0cd8dd31d31a09c0847e1186421cd486fec0ff2a2d3c20f32193dd36485d1cc08d053
SSDEEP

12288:yh5BwsRozSef8BqMhXe9o5SJ0gtlL+7IAMF8zCWvyjwJslzijbCCl+c2m/zsdFu:U52sRPek0YePRS7EFzzjwSjk7EFu

Score

10^/10

darkcomet discovery rat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

90c5fb280c4da17556f6aeaad7fc739f_JaffaCakes118.exe

Resource

win7-20240903-en

darkcomet discovery rat trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

90c5fb280c4da17556f6aeaad7fc739f_JaffaCakes118.exe

Resource

win10v2004-20241007-en

darkcomet discovery rat trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  90c5fb280c4da17556f6aeaad7fc739f_JaffaCakes118
- Size
  
  904KB
- MD5
  
  90c5fb280c4da17556f6aeaad7fc739f
- SHA1
  
  7576274fd70d94cf77bfc53c85a18c29cce4367d
- SHA256
  
  3af5a3ca414e2f988c1b3d5b8cdf17755311172cb4cd5da48024a590458d05f8
- SHA512
  
  df5080e4ff0e74e79e51638da200da8c1699a5929619f64994aa38b267b0cd8dd31d31a09c0847e1186421cd486fec0ff2a2d3c20f32193dd36485d1cc08d053
- SSDEEP
  
  12288:yh5BwsRozSef8BqMhXe9o5SJ0gtlL+7IAMF8zCWvyjwJslzijbCCl+c2m/zsdFu:U52sRPek0YePRS7EFzzjwSjk7EFu
Score

10^/10

darkcomet discovery rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojanupx

behavioral2

darkcometdiscoveryrattrojanupx

© 2018-2024

Terms | Privacy