darkcomet | 38069a3345f5ea40b48ca79c708e9fa6f98a7b8c5e235f331bb092f579d0017b | Triage

Sharing

General

Target

JaffaCakes118_918f9b89bce81f803a5d9fd09207932a
Size

658KB
Sample

250329-w4psqasmy7
MD5

918f9b89bce81f803a5d9fd09207932a
SHA1

8cc89a5b8bf9eb47c2c7c715d467b3cfb9649a21
SHA256

38069a3345f5ea40b48ca79c708e9fa6f98a7b8c5e235f331bb092f579d0017b
SHA512

dbf2a9b94aa451bf74c7884465d9018f1a151ad621c4f52e5b4b8c00f262de2fedb71fefba8b17cdca9fdf03b69965e8d3a2098ba279cb3beccc1d45cfdd9234
SSDEEP

12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hH:uZ1xuVVjfFoynPaVBUR8f+kN10EBd

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

bellen123.no-ip.org:1604

Mutex

DC_MUTEX-S0BTBFH

Attributes

gencode
oGiTqBGNdsy9
install
false
offline_keylogger
true
persistence
false

rc4.plain

Targets

- Target
  
  JaffaCakes118_918f9b89bce81f803a5d9fd09207932a
- Size
  
  658KB
- MD5
  
  918f9b89bce81f803a5d9fd09207932a
- SHA1
  
  8cc89a5b8bf9eb47c2c7c715d467b3cfb9649a21
- SHA256
  
  38069a3345f5ea40b48ca79c708e9fa6f98a7b8c5e235f331bb092f579d0017b
- SHA512
  
  dbf2a9b94aa451bf74c7884465d9018f1a151ad621c4f52e5b4b8c00f262de2fedb71fefba8b17cdca9fdf03b69965e8d3a2098ba279cb3beccc1d45cfdd9234
- SSDEEP
  
  12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hH:uZ1xuVVjfFoynPaVBUR8f+kN10EBd
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16discoveryrattrojan

behavioral2

darkcometguest16discoveryrattrojan