darkcomet | 10947307c0b64b75560e7d0cf3fc70f638216ff88247c50158df64e437eb17a8 | Triage

Sharing

General

Target

JaffaCakes118_2f342812631c9224a6304baf2c03b52e
Size

666KB
Sample

250227-yf71haxpw9
MD5

2f342812631c9224a6304baf2c03b52e
SHA1

2dd2b32f4ba65164449ddf0182933ad8d7607195
SHA256

10947307c0b64b75560e7d0cf3fc70f638216ff88247c50158df64e437eb17a8
SHA512

510c36266978f67209e059ae0f6d21e701af8d06cc4c6b89be358d2d5b99d7024c7f22719a2d062b688e78bd26783aa44e3108540af1570fc413ea3799d3bca1
SSDEEP

12288:VDbJhI6jsJlxaBYVjLjo5rD8yjSfDp4Adnbg5kK:V5y++lbKrDsfDhbg5kK

Score

10^/10

darkcomet test discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Attributes

gencode
install
false
offline_keylogger
false
persistence
false

rc4.plain

Extracted

Family

darkcomet

Botnet

TEST

C2

H7eatShot.sytes.net:550

Mutex

DC_MUTEX-LM8DZ68

Attributes

gencode
NSsVUm.e69GF
install
false
offline_keylogger
false
persistence
false

rc4.plain

Targets

- Target
  
  JaffaCakes118_2f342812631c9224a6304baf2c03b52e
- Size
  
  666KB
- MD5
  
  2f342812631c9224a6304baf2c03b52e
- SHA1
  
  2dd2b32f4ba65164449ddf0182933ad8d7607195
- SHA256
  
  10947307c0b64b75560e7d0cf3fc70f638216ff88247c50158df64e437eb17a8
- SHA512
  
  510c36266978f67209e059ae0f6d21e701af8d06cc4c6b89be358d2d5b99d7024c7f22719a2d062b688e78bd26783aa44e3108540af1570fc413ea3799d3bca1
- SSDEEP
  
  12288:VDbJhI6jsJlxaBYVjLjo5rD8yjSfDp4Adnbg5kK:V5y++lbKrDsfDhbg5kK
Score

10^/10

darkcomet test discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcomettestdiscoveryrattrojan

behavioral2

darkcomettestdiscoveryrattrojan