darkcomet | 508c266465fd65042139be5e2d9de66de542a59ba5acdecf22562ce484d37acd | Triage

Sharing

General

Target

JaffaCakes118_235c48c68763d2474945cf83b32a4df1
Size

704KB
Sample

250226-bn8wfayqx6
MD5

235c48c68763d2474945cf83b32a4df1
SHA1

a321a46659d59510fc3c0b1ce5eb8f40f4d1f67c
SHA256

508c266465fd65042139be5e2d9de66de542a59ba5acdecf22562ce484d37acd
SHA512

66d2f2c2c0a76c0d7ab1183fc05a64598c3123bffc8a94431a5eb02e1dfa5a17be964a7d512882e0e96c75b76a7b820e1b00b652a06dd9357665b524b651bdd5
SSDEEP

12288:tIh4EY1awKtBnrtw8bzRpyMObDkeFsB7pyCEbSTiTwRkfy9h4ORA/KjWHZpdAxVx:tFoXBnpw8bzRhObDkvEbSDKC2UmKaHZ2

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Attributes

gencode
install
false
offline_keylogger
false
persistence
false

rc4.plain

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-ZXJ25KV

Attributes

gencode
gruAQtasehMc
install
false
offline_keylogger
true
persistence
false

rc4.plain

Targets

- Target
  
  JaffaCakes118_235c48c68763d2474945cf83b32a4df1
- Size
  
  704KB
- MD5
  
  235c48c68763d2474945cf83b32a4df1
- SHA1
  
  a321a46659d59510fc3c0b1ce5eb8f40f4d1f67c
- SHA256
  
  508c266465fd65042139be5e2d9de66de542a59ba5acdecf22562ce484d37acd
- SHA512
  
  66d2f2c2c0a76c0d7ab1183fc05a64598c3123bffc8a94431a5eb02e1dfa5a17be964a7d512882e0e96c75b76a7b820e1b00b652a06dd9357665b524b651bdd5
- SSDEEP
  
  12288:tIh4EY1awKtBnrtw8bzRpyMObDkeFsB7pyCEbSTiTwRkfy9h4ORA/KjWHZpdAxVx:tFoXBnpw8bzRhObDkvEbSDKC2UmKaHZ2
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan