darkcomet | 964b9a59015e847d1dfcb014f494ebf73c66dcad41d8acfe1772de0ae7cf5ea7 | Triage

Submit
Reports

Overview

overview

Static

static

Bloxstrap-v2.8.1.exe

windows7-x64

Sharing

General

Target

Bloxstrap-v2.8.1.exe
Size

11.8MB
Sample

241123-xwferaxqhn
MD5

e69a7ea8d0eb02161014099e87649d41
SHA1

cd55596fc4e8de9c63e0558b767e9cdd33fb0074
SHA256

964b9a59015e847d1dfcb014f494ebf73c66dcad41d8acfe1772de0ae7cf5ea7
SHA512

cff49a2db8f18f9c3031062667cdd989ae6ec95c44d34bb8b8bbddfcf2f44ce8affc1a55eb80969dab834152b25cb05903792688ebe94fcd0393b0f5439baf3d
SSDEEP

98304:SFqZ+pv3Tscod5DFasb/r5vGWD3EOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrTlLO:SFqZ+pLscVsb/r5vGlObAbN0IQ

Score

10^/10

darkcomet guest16 discovery rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Bloxstrap-v2.8.1.exe

Resource

win7-20240903-en

darkcomet guest16 discovery rat trojan

windows7-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

saw-shirts.gl.at.ply.gg:4164

Mutex

DC_MUTEX-CKC2QC9

Attributes

InstallPath
Bloxstrap.exe
gencode
g4KLit9u75vm
install
true
offline_keylogger
true
persistence
false
reg_key
MicroUpdate

Targets

- Target
  
  Bloxstrap-v2.8.1.exe
- Size
  
  11.8MB
- MD5
  
  e69a7ea8d0eb02161014099e87649d41
- SHA1
  
  cd55596fc4e8de9c63e0558b767e9cdd33fb0074
- SHA256
  
  964b9a59015e847d1dfcb014f494ebf73c66dcad41d8acfe1772de0ae7cf5ea7
- SHA512
  
  cff49a2db8f18f9c3031062667cdd989ae6ec95c44d34bb8b8bbddfcf2f44ce8affc1a55eb80969dab834152b25cb05903792688ebe94fcd0393b0f5439baf3d
- SSDEEP
  
  98304:SFqZ+pv3Tscod5DFasb/r5vGWD3EOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrTlLO:SFqZ+pLscVsb/r5vGlObAbN0IQ
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16discoveryrattrojan

© 2018-2024

Terms | Privacy