darkcomet | 999b467f6c9270ca8296f4064d5dcaa7180949a6f33db911c74d6c86fe1dbf5f | Triage

Submit
Reports

Overview

overview

Static

static

5

999b467f6c...5f.exe

windows7-x64

999b467f6c...5f.exe

windows10-2004-x64

Sharing

General

Target

999b467f6c9270ca8296f4064d5dcaa7180949a6f33db911c74d6c86fe1dbf5f.exe
Size

1.4MB
Sample

250225-dllz1azmw6
MD5

d4cc386e6847b9d82016c79455bdecce
SHA1

2e947b28d124c6675f8a9f947a7d371bd8c73120
SHA256

999b467f6c9270ca8296f4064d5dcaa7180949a6f33db911c74d6c86fe1dbf5f
SHA512

6c0cf6c28dfd63cf2d792398f55f71f7f908627a10d12cd5bc0a1032e31644e24c144752a9cddaae05ffa72550aaee3d88df4ce8a7baeb7551550dd5c0eed47f
SSDEEP

24576:lRmJkcoQricOIQxiZY1aazZrdR9kfrDs0Vh8cK0IpmXS3jej2pJ8Mj:qJZoQrbTFZY1aaVr/SDo0VacK0JCmxMj

Score

10^/10

darkcomet ali discovery rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

999b467f6c9270ca8296f4064d5dcaa7180949a6f33db911c74d6c86fe1dbf5f.exe

Resource

win7-20241010-en

darkcomet ali discovery rat trojan

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

999b467f6c9270ca8296f4064d5dcaa7180949a6f33db911c74d6c86fe1dbf5f.exe

Resource

win10v2004-20250217-en

darkcomet ali discovery rat trojan

windows10-2004-x64

11 signatures

120 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

ali

C2

obj.jumpingcrab.com:1818

Mutex

DC_MUTEX-N4J3V80

Attributes

gencode
olA3zmEolGvJ
install
false
offline_keylogger
true
persistence
false

rc4.plain

Targets

- Target
  
  999b467f6c9270ca8296f4064d5dcaa7180949a6f33db911c74d6c86fe1dbf5f.exe
- Size
  
  1.4MB
- MD5
  
  d4cc386e6847b9d82016c79455bdecce
- SHA1
  
  2e947b28d124c6675f8a9f947a7d371bd8c73120
- SHA256
  
  999b467f6c9270ca8296f4064d5dcaa7180949a6f33db911c74d6c86fe1dbf5f
- SHA512
  
  6c0cf6c28dfd63cf2d792398f55f71f7f908627a10d12cd5bc0a1032e31644e24c144752a9cddaae05ffa72550aaee3d88df4ce8a7baeb7551550dd5c0eed47f
- SSDEEP
  
  24576:lRmJkcoQricOIQxiZY1aazZrdR9kfrDs0Vh8cK0IpmXS3jej2pJ8Mj:qJZoQrbTFZY1aaVr/SDo0VacK0JCmxMj
Score

10^/10

darkcomet ali discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometalidiscoveryrattrojan

behavioral2

darkcometalidiscoveryrattrojan

© 2018-2025

Terms | Privacy