darkcomet | f792c84cac59615ddf3bcdfb3193a4a71f7a5454db15627bbe5164a102c7a560 | Triage

Sharing

General

Target

JaffaCakes118_682c04837131b63dce882e15e8e760f0
Size

477KB
Sample

250102-zlr2xavpd1
MD5

682c04837131b63dce882e15e8e760f0
SHA1

7e2e43558052876d451c20755822f5b5eb5048c9
SHA256

f792c84cac59615ddf3bcdfb3193a4a71f7a5454db15627bbe5164a102c7a560
SHA512

5e398bf0dda9f5ee84e9b72eb84436cba65665ad16e56f3d0f9f1faf8947840f1c4afc2cae0d681b370e6a5fc598c3fc2e8fd2b2c39a6a0eeff81a7bfd721322
SSDEEP

12288:J/WQy1nfggq7t007u8ujLtJNe87ueyUwzJnLUE:J/L2nf5q7t007u1fu2wzJT

Score

10^/10

darkcomet guest16

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

fyourdumass.bounceme.net:200

Mutex

DC_MUTEX-84FSWHY

Attributes

InstallPath
MSDCSC\msdcsc.exe
gencode
wZt6hjCewfsl
install
true
offline_keylogger
true
password
justin8712
persistence
true
reg_key
MicroUpdate

Targets

- Target
  
  test2_lh.exe
- Size
  
  674KB
- MD5
  
  fb99cbf926f5a6dfc5d7bdc896c18219
- SHA1
  
  6127752ddcfa78e2c10e2ded0dc5b2c0d200c153
- SHA256
  
  7d9d4feb95420d95cbcce00d66b013ba9d0d14ebc495b78a9ee28d418f44174e
- SHA512
  
  fc78f14bb8f754363c9164b73931b8b37aab7f35b26e8c8054cc46bbe141fb1f571b281528aa8531ec2d71b954513b33245498d2697ed10c4dab1f097bd87436
- SSDEEP
  
  12288:ERn+2E2frI1XocdoyDkVShnPBaOiRZTERfIhNkNCCLo9Ek5C/cOvOjr:E5+2M1VOvV4PBUR8f+kN10EBS
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

guest16darkcomet

behavioral1

behavioral2