darkcomet | fb69c0cad5a1d7606d2118aaa2b97f8144d2e0ae799b19842f778caed77ac9c9 | Triage

Sharing

General

Target

fb69c0cad5a1d7606d2118aaa2b97f8144d2e0ae799b19842f778caed77ac9c9N.exe
Size

500KB
Sample

250117-vckh9axlgq
MD5

518444253e890946b043ae15c7dbf680
SHA1

3df581ee92d56e8ce7b6acebeeeab8b21a9556b8
SHA256

fb69c0cad5a1d7606d2118aaa2b97f8144d2e0ae799b19842f778caed77ac9c9
SHA512

ff14655901eb77175f16e442fb81cc6d941376bf8791ba845e4a4d95fd1e7265cdd1a0f6fc98bf342f90bb8710d2b6ecd67d00ed495ea2548613122e6df8122b
SSDEEP

12288:XHSqctaCAAEZOu8so1G51zlU1wM+AQYMyR00J:XHSDa7JZOu8sbzU1IA7L+0J

Score

10^/10

darkcomet defense_evasion discovery rat trojan

Malware Config

Targets

- Target
  
  fb69c0cad5a1d7606d2118aaa2b97f8144d2e0ae799b19842f778caed77ac9c9N.exe
- Size
  
  500KB
- MD5
  
  518444253e890946b043ae15c7dbf680
- SHA1
  
  3df581ee92d56e8ce7b6acebeeeab8b21a9556b8
- SHA256
  
  fb69c0cad5a1d7606d2118aaa2b97f8144d2e0ae799b19842f778caed77ac9c9
- SHA512
  
  ff14655901eb77175f16e442fb81cc6d941376bf8791ba845e4a4d95fd1e7265cdd1a0f6fc98bf342f90bb8710d2b6ecd67d00ed495ea2548613122e6df8122b
- SSDEEP
  
  12288:XHSqctaCAAEZOu8so1G51zlU1wM+AQYMyR00J:XHSDa7JZOu8sbzU1IA7L+0J
Score

10^/10

darkcomet defense_evasion discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometdefense_evasiondiscoveryrattrojan

behavioral2

darkcometdefense_evasiondiscoveryrattrojan