darkcomet | 276cb1d27d2a334db8b573a7d3a6c7adae5d31dc124c9b8e7d15507c310882a5 | Triage

Sharing

General

Target

JaffaCakes118_093b88e326a5537aabdac38087ddd36a
Size

714KB
Sample

250220-dfmdksvmfs
MD5

093b88e326a5537aabdac38087ddd36a
SHA1

dac9e8c7dd5ad6276cfdf35be0d522f4bb894f16
SHA256

276cb1d27d2a334db8b573a7d3a6c7adae5d31dc124c9b8e7d15507c310882a5
SHA512

9c2e53b7894d0fedf33e07dd1b964da3e70c6928867227ed489a9c87b7ca61eefc411c21d517360e67f40204a6d02211672782a5af7fd7655feef01b32132032
SSDEEP

12288:89HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hsWi:QZ1xuVVjfFoynPaVBUR8f+kN10EBO9

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

117.205.58.32:1604

Mutex

DC_MUTEX-24Y30TE

Attributes

gencode
8e5eKaLAG0mm
install
false
offline_keylogger
true
persistence
false

rc4.plain

Targets

- Target
  
  JaffaCakes118_093b88e326a5537aabdac38087ddd36a
- Size
  
  714KB
- MD5
  
  093b88e326a5537aabdac38087ddd36a
- SHA1
  
  dac9e8c7dd5ad6276cfdf35be0d522f4bb894f16
- SHA256
  
  276cb1d27d2a334db8b573a7d3a6c7adae5d31dc124c9b8e7d15507c310882a5
- SHA512
  
  9c2e53b7894d0fedf33e07dd1b964da3e70c6928867227ed489a9c87b7ca61eefc411c21d517360e67f40204a6d02211672782a5af7fd7655feef01b32132032
- SSDEEP
  
  12288:89HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hsWi:QZ1xuVVjfFoynPaVBUR8f+kN10EBO9
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan