darkcomet | e735d18960a86f8d2bce6d2dd922708117836c6daa51221d22cc12576704da3d | Triage

Sharing

General

Target

JaffaCakes118_49d91186519653c3a1bde5ceb0b5a153
Size

260KB
Sample

250303-3tv1batls7
MD5

49d91186519653c3a1bde5ceb0b5a153
SHA1

dbf3024743ae17b4fe4360aacbf37f084dc36174
SHA256

e735d18960a86f8d2bce6d2dd922708117836c6daa51221d22cc12576704da3d
SHA512

c669e18fb171e83f661daa79eb06ec01634e7e65cbddbd0eebfea5b7baccf9f901e830aaa14d5f8539c72909e7e23bf76f8dbe45ffaf37d123f3679e3a4bbe7a
SSDEEP

6144:kq3UfqBaEeGmhBb8CqW+SykvpN+aPXp9I12XPRtcONF2w:kf8ehbGWdTNzPXp8ePjc

Score

10^/10

darkcomet guest16 aspackv2 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

h10mm.no-ip.info:81

Mutex

DC_MUTEX-F54S21D

Attributes

gencode
ymj6yJjKsANe
install
false
offline_keylogger
true
persistence
false

rc4.plain

Targets

- Target
  
  JaffaCakes118_49d91186519653c3a1bde5ceb0b5a153
- Size
  
  260KB
- MD5
  
  49d91186519653c3a1bde5ceb0b5a153
- SHA1
  
  dbf3024743ae17b4fe4360aacbf37f084dc36174
- SHA256
  
  e735d18960a86f8d2bce6d2dd922708117836c6daa51221d22cc12576704da3d
- SHA512
  
  c669e18fb171e83f661daa79eb06ec01634e7e65cbddbd0eebfea5b7baccf9f901e830aaa14d5f8539c72909e7e23bf76f8dbe45ffaf37d123f3679e3a4bbe7a
- SSDEEP
  
  6144:kq3UfqBaEeGmhBb8CqW+SykvpN+aPXp9I12XPRtcONF2w:kf8ehbGWdTNzPXp8ePjc
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan