darkcomet | 7037f9ea42263f85da3ccd54e16a95a3417a3db1da692672163735b6cad0a2d3 | Triage

Sharing

General

Target

JaffaCakes118_b8ce1d14c5983543caf2def9c78b5bad
Size

1.4MB
Sample

250414-yklytsxxcw
MD5

b8ce1d14c5983543caf2def9c78b5bad
SHA1

7365a3e3decd53671e6bccb7a663bcadb22023ed
SHA256

7037f9ea42263f85da3ccd54e16a95a3417a3db1da692672163735b6cad0a2d3
SHA512

e5d1b708d5103abe68c05751670aa8356b5c9bc9a0d82a447f73f534f56e7188f90a1066e6aee31e65cd16754b14abbab9fc4a3e2e51da83905c3b9c7e029125
SSDEEP

24576:2VHgzHgUNbkqy/hmOT3nbWmJVJFwSddIXvfhqbiaxvRxq9X:wHgzHgUNghpamdZdcBYW

Score

10^/10

darkcomet guest16 discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Attributes

gencode
install
false
offline_keylogger
false
persistence
false

rc4.plain

Extracted

Family

darkcomet

Botnet

Guest16

C2

folces.no-ip.biz:1604

Mutex

DC_MUTEX-F54S21D

Attributes

gencode
sv8f9ZKX677A
install
false
offline_keylogger
true
persistence
false

rc4.plain

Targets

- Target
  
  JaffaCakes118_b8ce1d14c5983543caf2def9c78b5bad
- Size
  
  1.4MB
- MD5
  
  b8ce1d14c5983543caf2def9c78b5bad
- SHA1
  
  7365a3e3decd53671e6bccb7a663bcadb22023ed
- SHA256
  
  7037f9ea42263f85da3ccd54e16a95a3417a3db1da692672163735b6cad0a2d3
- SHA512
  
  e5d1b708d5103abe68c05751670aa8356b5c9bc9a0d82a447f73f534f56e7188f90a1066e6aee31e65cd16754b14abbab9fc4a3e2e51da83905c3b9c7e029125
- SSDEEP
  
  24576:2VHgzHgUNbkqy/hmOT3nbWmJVJFwSddIXvfhqbiaxvRxq9X:wHgzHgUNghpamdZdcBYW
Score

10^/10

darkcomet guest16 discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16discoveryrattrojan