darkcomet | 85ee2a8a959206f502ed044119b600878223e2c20468266fc330a9169a28dfb7 | Triage

Sharing

General

Target

85ee2a8a959206f502ed044119b600878223e2c20468266fc330a9169a28dfb7N.exe
Size

658KB
Sample

250324-e1dgvawzbv
MD5

14caff579a203804602c55bc2feed600
SHA1

512b79d9ffe5cd44ddad8a18cced440578cb8ee4
SHA256

85ee2a8a959206f502ed044119b600878223e2c20468266fc330a9169a28dfb7
SHA512

3ccb6f604229435558b74314ea929453e98582f0c658cff6eb940049823ca2e6d9d5743d9fb60510042e4b7ad266d8e22a7bf1003b74760617d9976340895215
SSDEEP

12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hE:WZ1xuVVjfFoynPaVBUR8f+kN10EB2

Score

10^/10

darkcomet onestensamble discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

onEstEnsamble

C2

88.99.61.194:5067

Mutex

DCMIN_MUTEX-A89V5VW

Attributes

gencode
03TlA6qxpLlo
install
false
offline_keylogger
true
persistence
false

rc4.plain

Targets

- Target
  
  85ee2a8a959206f502ed044119b600878223e2c20468266fc330a9169a28dfb7N.exe
- Size
  
  658KB
- MD5
  
  14caff579a203804602c55bc2feed600
- SHA1
  
  512b79d9ffe5cd44ddad8a18cced440578cb8ee4
- SHA256
  
  85ee2a8a959206f502ed044119b600878223e2c20468266fc330a9169a28dfb7
- SHA512
  
  3ccb6f604229435558b74314ea929453e98582f0c658cff6eb940049823ca2e6d9d5743d9fb60510042e4b7ad266d8e22a7bf1003b74760617d9976340895215
- SSDEEP
  
  12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hE:WZ1xuVVjfFoynPaVBUR8f+kN10EB2
Score

10^/10

darkcomet onestensamble discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

onestensambledarkcomet

behavioral1

darkcometonestensamblediscoveryrattrojan

behavioral2

darkcometonestensamblediscoveryrattrojan