darkcomet | 6db8928ccf1c6276eb0ba8dc51c3209df1d5d8d5a2f4f0559e4789f5244f77a8 | Triage

Sharing

General

Target

JaffaCakes118_016e0e8eefb76dfdc4e7abcd1fc8af9a
Size

722KB
Sample

250121-c1drhasjct
MD5

016e0e8eefb76dfdc4e7abcd1fc8af9a
SHA1

9ab0d8fcd35feafa6f26947ea224f8b5e43907a2
SHA256

6db8928ccf1c6276eb0ba8dc51c3209df1d5d8d5a2f4f0559e4789f5244f77a8
SHA512

ddb8ed66e259f8a846a13c1cd1213182c8e169a10cb7cef2a1e91a31279f4c9c95baa89135b22e04ffc12e8fc9b7e459da260816d9ef05b249e5cfc488df6f9e
SSDEEP

12288:YFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJ8:43nbWmJVJFwSddIXvfhqbiaxvRxq9G

Score

10^/10

darkcomet latentbot discovery rat trojan

Malware Config

Extracted

Family

latentbot

C2

vpnservices021.zapto.org

Targets

- Target
  
  JaffaCakes118_016e0e8eefb76dfdc4e7abcd1fc8af9a
- Size
  
  722KB
- MD5
  
  016e0e8eefb76dfdc4e7abcd1fc8af9a
- SHA1
  
  9ab0d8fcd35feafa6f26947ea224f8b5e43907a2
- SHA256
  
  6db8928ccf1c6276eb0ba8dc51c3209df1d5d8d5a2f4f0559e4789f5244f77a8
- SHA512
  
  ddb8ed66e259f8a846a13c1cd1213182c8e169a10cb7cef2a1e91a31279f4c9c95baa89135b22e04ffc12e8fc9b7e459da260816d9ef05b249e5cfc488df6f9e
- SSDEEP
  
  12288:YFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJ8:43nbWmJVJFwSddIXvfhqbiaxvRxq9G
Score

10^/10

darkcomet latentbot discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Latentbot family
  latentbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometlatentbotdiscoveryrattrojan

behavioral2

darkcometlatentbotdiscoveryrattrojan