darkcomet | b0bc11ed599ee0020aada24b7c60d8ae7d2a6cf14e57930ed350ca7418c5b944 | Triage

Submit
Reports

Overview

overview

Static

static

SolaraBETA.exe

windows7-x64

Sharing

General

Target

SolaraBETA.exe
Size

726KB
Sample

240621-nqwecasaln
MD5

4e1596a62d16da74891e32ce35504e32
SHA1

575f028368cc2126850889fdb08a5533d43256ac
SHA256

b0bc11ed599ee0020aada24b7c60d8ae7d2a6cf14e57930ed350ca7418c5b944
SHA512

ed4329e4be047bd76f0eead7ff44ad7e4aca6ce03448e2bb951a7b82d5662d3a6eefc135a1b6bf1c655f24b18fa7b4636220c29587edf3a2eaddd588b6139cc0
SSDEEP

12288:S4HXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy45h:SOnAw2WWeFcfbP9VPSPMTSPL/rWvzq4R

Score

10^/10

darkcomet guest16 rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

SolaraBETA.exe

Resource

win7-20240220-en

darkcomet guest16 rat trojan

windows7-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

carolina-reverse.gl.at.ply.gg:34609

Mutex

DC_MUTEX-JRUP3DU

Attributes

gencode
czMBApdJTvqd
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  SolaraBETA.exe
- Size
  
  726KB
- MD5
  
  4e1596a62d16da74891e32ce35504e32
- SHA1
  
  575f028368cc2126850889fdb08a5533d43256ac
- SHA256
  
  b0bc11ed599ee0020aada24b7c60d8ae7d2a6cf14e57930ed350ca7418c5b944
- SHA512
  
  ed4329e4be047bd76f0eead7ff44ad7e4aca6ce03448e2bb951a7b82d5662d3a6eefc135a1b6bf1c655f24b18fa7b4636220c29587edf3a2eaddd588b6139cc0
- SSDEEP
  
  12288:S4HXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy45h:SOnAw2WWeFcfbP9VPSPMTSPL/rWvzq4R
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

darkcometguest16rattrojan

© 2018-2024

Terms | Privacy