darkcomet | bdc483de6b24f12b5abb396f9adf503be2b56404fd5df0d09c02ce45bf3282be | Triage

Sharing

General

Target

JaffaCakes118_08d7861d28de2e203ab5f77aa0411270
Size

658KB
Sample

241231-ha37csypfq
MD5

08d7861d28de2e203ab5f77aa0411270
SHA1

fdd522bf16dd3bf2d8aca6b4f5323e67de2cc82c
SHA256

bdc483de6b24f12b5abb396f9adf503be2b56404fd5df0d09c02ce45bf3282be
SHA512

c5bfeed42fded31668d8afcd1af3bd5c6c7d7fa0ae6847fc14151e4a8992d01b4b1e7ddde17f829896d1c363c2c58a99558b988b2eaa91f7f942eb440b5020a4
SSDEEP

12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hP:uZ1xuVVjfFoynPaVBUR8f+kN10EBd

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

68.193.134.34:1604

192.168.1.105:1604

Mutex

DC_MUTEX-KRMWZK4

Attributes

gencode
K8QyldDlDeJK
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  JaffaCakes118_08d7861d28de2e203ab5f77aa0411270
- Size
  
  658KB
- MD5
  
  08d7861d28de2e203ab5f77aa0411270
- SHA1
  
  fdd522bf16dd3bf2d8aca6b4f5323e67de2cc82c
- SHA256
  
  bdc483de6b24f12b5abb396f9adf503be2b56404fd5df0d09c02ce45bf3282be
- SHA512
  
  c5bfeed42fded31668d8afcd1af3bd5c6c7d7fa0ae6847fc14151e4a8992d01b4b1e7ddde17f829896d1c363c2c58a99558b988b2eaa91f7f942eb440b5020a4
- SSDEEP
  
  12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hP:uZ1xuVVjfFoynPaVBUR8f+kN10EBd
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan