darkcomet | 49c0e6b4ce12a35dd25868d038a83975c0c336e074d5d41294138e88b87863a2 | Triage

Sharing

General

Target

fd9dd22e2c75023364b1a64aca1d1552_JaffaCakes118
Size

680KB
Sample

241218-3yfq7axndx
MD5

fd9dd22e2c75023364b1a64aca1d1552
SHA1

32ea56c6a9e548b372de7b3c6fac2ed14cd9887f
SHA256

49c0e6b4ce12a35dd25868d038a83975c0c336e074d5d41294138e88b87863a2
SHA512

e81ae3d8a368e127f8350d347e2eb12b169d6599b33f0d383526c9e1f5c201667afddcca9ec6b13f066af55c0606b43b4c0a8f52111dc5681808c36e4ecf62a0
SSDEEP

12288:5GiF3JNaoskuj7XKIFG2rPUmzKdnZUIbI5CZI6FYRX+21C0o81JAUU:5t17PskmKcbUuKdnyIM5oFKc0oS

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  fd9dd22e2c75023364b1a64aca1d1552_JaffaCakes118
- Size
  
  680KB
- MD5
  
  fd9dd22e2c75023364b1a64aca1d1552
- SHA1
  
  32ea56c6a9e548b372de7b3c6fac2ed14cd9887f
- SHA256
  
  49c0e6b4ce12a35dd25868d038a83975c0c336e074d5d41294138e88b87863a2
- SHA512
  
  e81ae3d8a368e127f8350d347e2eb12b169d6599b33f0d383526c9e1f5c201667afddcca9ec6b13f066af55c0606b43b4c0a8f52111dc5681808c36e4ecf62a0
- SSDEEP
  
  12288:5GiF3JNaoskuj7XKIFG2rPUmzKdnZUIbI5CZI6FYRX+21C0o81JAUU:5t17PskmKcbUuKdnyIM5oFKc0oS
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan