darkcomet | afbeb39cebead58124f0ae6e146d065dc234077d3a829642c822eff865eab8c3 | Triage

Sharing

General

Target

JaffaCakes118_6a308cb4f1ab09b0ba9f449915777659
Size

646KB
Sample

250103-exzwnssjhr
MD5

6a308cb4f1ab09b0ba9f449915777659
SHA1

cc647edc9f4503c7b18ef5573a7e047c6ecbcc03
SHA256

afbeb39cebead58124f0ae6e146d065dc234077d3a829642c822eff865eab8c3
SHA512

666db34e92a593bda6183565a6cda07de920d10bac3801914337ca4a5b30e1b3da13db37816bbc99dabaaa917f3ff4388362f3c3b4a1ae9ed51155ad67d7552b
SSDEEP

12288:Q8UaT9XY2siA0bMG09xD7I3Gg8ecgVvfBoCDBOQQYbVXpuy1f/gORixe:JUKoN0bUxgGa/pfBHDb+y1HgZA

Score

10^/10

darkcomet discovery rat trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_6a308cb4f1ab09b0ba9f449915777659
- Size
  
  646KB
- MD5
  
  6a308cb4f1ab09b0ba9f449915777659
- SHA1
  
  cc647edc9f4503c7b18ef5573a7e047c6ecbcc03
- SHA256
  
  afbeb39cebead58124f0ae6e146d065dc234077d3a829642c822eff865eab8c3
- SHA512
  
  666db34e92a593bda6183565a6cda07de920d10bac3801914337ca4a5b30e1b3da13db37816bbc99dabaaa917f3ff4388362f3c3b4a1ae9ed51155ad67d7552b
- SSDEEP
  
  12288:Q8UaT9XY2siA0bMG09xD7I3Gg8ecgVvfBoCDBOQQYbVXpuy1f/gORixe:JUKoN0bUxgGa/pfBHDb+y1HgZA
Score

10^/10

darkcomet discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdiscoveryrattrojan

behavioral2

darkcometdiscoveryrattrojan