darkcomet | 9f7a2160c61dd85bcad350253f8b2ebe1f17a40280ac029633bcd598a609a21b | Triage

Sharing

General

Target

JaffaCakes118_65108bc835200b2d285e784e0d5bd92b
Size

646KB
Sample

250102-pkd4js1ray
MD5

65108bc835200b2d285e784e0d5bd92b
SHA1

42c559758f4f4a7078f8a3706f443ba45d1ec3db
SHA256

9f7a2160c61dd85bcad350253f8b2ebe1f17a40280ac029633bcd598a609a21b
SHA512

9babdc009e74ca4ec89c195fe5c72631a6e824fffd33cb59fe231fbcbcddab9c301a6161f7c511ee0f5effe885640ec48ae0da27212ee0dab91fd36974e20fb8
SSDEEP

12288:Q8UaT9XY2siA0bMG09xD7I3Gg8ecgVvfBoCDBOQQYbVXpuy1f/gORixG:JUKoN0bUxgGa/pfBHDb+y1HgZQ

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_65108bc835200b2d285e784e0d5bd92b
- Size
  
  646KB
- MD5
  
  65108bc835200b2d285e784e0d5bd92b
- SHA1
  
  42c559758f4f4a7078f8a3706f443ba45d1ec3db
- SHA256
  
  9f7a2160c61dd85bcad350253f8b2ebe1f17a40280ac029633bcd598a609a21b
- SHA512
  
  9babdc009e74ca4ec89c195fe5c72631a6e824fffd33cb59fe231fbcbcddab9c301a6161f7c511ee0f5effe885640ec48ae0da27212ee0dab91fd36974e20fb8
- SSDEEP
  
  12288:Q8UaT9XY2siA0bMG09xD7I3Gg8ecgVvfBoCDBOQQYbVXpuy1f/gORixG:JUKoN0bUxgGa/pfBHDb+y1HgZQ
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan