darkcomet | 2fe3c81aef01566ad7dbab01b58837dc9fcd835247cb3d982d64caec61e026a2 | Triage

Submit
Reports

Overview

overview

Static

static

08087d038d...18.exe

windows7-x64

08087d038d...18.exe

windows10-2004-x64

Sharing

General

Target

08087d038d8ca3cb86880939d28e208a_JaffaCakes118
Size

658KB
Sample

240624-mrjaqsxhlb
MD5

08087d038d8ca3cb86880939d28e208a
SHA1

029ce32c2e15bb9fa0a3ecce5ee2b986bffb2ae0
SHA256

2fe3c81aef01566ad7dbab01b58837dc9fcd835247cb3d982d64caec61e026a2
SHA512

579bbe0285b8d6110dc4583f8fb7d8be9cc60ee67bb754e5284fde9315326aae8816194ffa179dc18dca316cd45bcb5cfd59fc484e8b15e99609062b51bebb0c
SSDEEP

12288:J9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKjE:vAQ6Zx9cxTmOrucTIEFSpOGGE

Score

10^/10

darkcomet latentbot rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

08087d038d8ca3cb86880939d28e208a_JaffaCakes118.exe

Resource

win7-20240611-en

darkcomet latentbot rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

08087d038d8ca3cb86880939d28e208a_JaffaCakes118.exe

Resource

win10v2004-20240508-en

darkcomet latentbot rat trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

latentbot

C2

2345676543212345.zapto.org

Targets

- Target
  
  08087d038d8ca3cb86880939d28e208a_JaffaCakes118
- Size
  
  658KB
- MD5
  
  08087d038d8ca3cb86880939d28e208a
- SHA1
  
  029ce32c2e15bb9fa0a3ecce5ee2b986bffb2ae0
- SHA256
  
  2fe3c81aef01566ad7dbab01b58837dc9fcd835247cb3d982d64caec61e026a2
- SHA512
  
  579bbe0285b8d6110dc4583f8fb7d8be9cc60ee67bb754e5284fde9315326aae8816194ffa179dc18dca316cd45bcb5cfd59fc484e8b15e99609062b51bebb0c
- SSDEEP
  
  12288:J9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKjE:vAQ6Zx9cxTmOrucTIEFSpOGGE
Score

10^/10

darkcomet latentbot rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

darkcometlatentbotrattrojan

behavioral2

darkcometlatentbotrattrojan

© 2018-2024

Terms | Privacy