darkcomet | f0231d6a0b5c8e28dcd682d92e338dad469fe36718f04ff8db3edf8802921848 | Triage

Sharing

General

Target

b67be7807625b7b880a5403d66e5b032_JaffaCakes118
Size

820KB
Sample

241202-dk4hnawnh1
MD5

b67be7807625b7b880a5403d66e5b032
SHA1

41970d2833f451d3de0f2c03bba7fb42be6f10b2
SHA256

f0231d6a0b5c8e28dcd682d92e338dad469fe36718f04ff8db3edf8802921848
SHA512

0848751d2b625ec28dc95cd152d245019f64bf01ffc0e22ad5f35c04efbbb26abb4755d9a4c34f41cb706187e04421c5318e5a06ee1ed0fbe6966314be9fe12b
SSDEEP

12288:zFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJgFIIhII:B3nbWmJVJFwSddIXvfhqbiaxvRxq9

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  b67be7807625b7b880a5403d66e5b032_JaffaCakes118
- Size
  
  820KB
- MD5
  
  b67be7807625b7b880a5403d66e5b032
- SHA1
  
  41970d2833f451d3de0f2c03bba7fb42be6f10b2
- SHA256
  
  f0231d6a0b5c8e28dcd682d92e338dad469fe36718f04ff8db3edf8802921848
- SHA512
  
  0848751d2b625ec28dc95cd152d245019f64bf01ffc0e22ad5f35c04efbbb26abb4755d9a4c34f41cb706187e04421c5318e5a06ee1ed0fbe6966314be9fe12b
- SSDEEP
  
  12288:zFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJgFIIhII:B3nbWmJVJFwSddIXvfhqbiaxvRxq9
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Drops file in Drivers directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan