darkcomet | fe7e861f25edd070d70dd0551ef3ffa67bdd4e4527d07738b55bb60f38554a3c | Triage

Sharing

General

Target

fe7e861f25edd070d70dd0551ef3ffa67bdd4e4527d07738b55bb60f38554a3c.exe
Size

500KB
Sample

250117-t8k9zsxkar
MD5

7b0efc4e44f8bb612a1506db5ab5aa0e
SHA1

b71347881754796387238c3741b480f1e8c92b5e
SHA256

fe7e861f25edd070d70dd0551ef3ffa67bdd4e4527d07738b55bb60f38554a3c
SHA512

2a00bb9541af1a1b22e8b4c55ba7ace3a64e2a27c052b7d78b55a1d1104fc046021784f079379bcf82947285bb5465f03d3b71f7546d61f156aac488bf3e4742
SSDEEP

12288:XHSqctaCAAEZOu8so1G51zlU1wM+AQYMyR00Z:XHSDa7JZOu8sbzU1IA7L+0Z

Score

10^/10

darkcomet defense_evasion discovery rat trojan

Malware Config

Targets

- Target
  
  fe7e861f25edd070d70dd0551ef3ffa67bdd4e4527d07738b55bb60f38554a3c.exe
- Size
  
  500KB
- MD5
  
  7b0efc4e44f8bb612a1506db5ab5aa0e
- SHA1
  
  b71347881754796387238c3741b480f1e8c92b5e
- SHA256
  
  fe7e861f25edd070d70dd0551ef3ffa67bdd4e4527d07738b55bb60f38554a3c
- SHA512
  
  2a00bb9541af1a1b22e8b4c55ba7ace3a64e2a27c052b7d78b55a1d1104fc046021784f079379bcf82947285bb5465f03d3b71f7546d61f156aac488bf3e4742
- SSDEEP
  
  12288:XHSqctaCAAEZOu8so1G51zlU1wM+AQYMyR00Z:XHSDa7JZOu8sbzU1IA7L+0Z
Score

10^/10

darkcomet defense_evasion discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdefense_evasiondiscoveryrattrojan

behavioral2

darkcometdefense_evasiondiscoveryrattrojan