darkcomet

General

Target

JaffaCakes118_78b582e8e72d96f39143a06a67204105
Size

658KB
Sample

250316-d5e1sszxhw
MD5

78b582e8e72d96f39143a06a67204105
SHA1

4bf09be3a89bca26684ad84ddbe116c5a926596b
SHA256

2711904d62b5d93aead01dd41e0743df03bccc232181235d140555b14d291c8e
SHA512

459888e97a9ea888c7f47cc3e91424b132f55f739e8319dde470af0760458fd7f120f26e6ad8e8144ef76a6f02b67237cc130bf604cc7c7c4df1e19f77d19a9b
SSDEEP

12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hs:uZ1xuVVjfFoynPaVBUR8f+kN10EBG

Score

10^/10

Malware Config

Extracted

Family

darkcomet

Botnet

Hax

C2

st33lc1tyf4n.zapto.org:5050

Mutex

DC_MUTEX-GX2NXU2

Attributes

gencode
Ck8rZHKuqbwF
install
false
offline_keylogger
true
persistence
false

rc4.plain

Extracted

Family

latentbot

C2

st33lc1tyf4n.zapto.org

Targets

- Target
  
  JaffaCakes118_78b582e8e72d96f39143a06a67204105
- Size
  
  658KB
- MD5
  
  78b582e8e72d96f39143a06a67204105
- SHA1
  
  4bf09be3a89bca26684ad84ddbe116c5a926596b
- SHA256
  
  2711904d62b5d93aead01dd41e0743df03bccc232181235d140555b14d291c8e
- SHA512
  
  459888e97a9ea888c7f47cc3e91424b132f55f739e8319dde470af0760458fd7f120f26e6ad8e8144ef76a6f02b67237cc130bf604cc7c7c4df1e19f77d19a9b
- SSDEEP
  
  12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hs:uZ1xuVVjfFoynPaVBUR8f+kN10EBG
Score

10^/10

darkcomet latentbot hax discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Latentbot family
  latentbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Darkcomet family

LatentBot

Latentbot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2