darkcomet | 63e6c1e082d5262282b2f35d92f966968f028c49b382215069fc7b48a93ef0d2 | Triage

Submit
Reports

Overview

overview

Static

static

3

11bab9c459...18.exe

windows7-x64

11bab9c459...18.exe

windows10-2004-x64

Sharing

General

Target

11bab9c459a906e6da57b894ffe9e274_JaffaCakes118
Size

1.4MB
Sample

240626-msvedstelq
MD5

11bab9c459a906e6da57b894ffe9e274
SHA1

2dfeb032e948abaf96b178afdfdf6f04cbac332e
SHA256

63e6c1e082d5262282b2f35d92f966968f028c49b382215069fc7b48a93ef0d2
SHA512

3d68177d285a1c43e71ddfc73e6ff4aac7eda95d7e4de018d77a5b546250f5d1766759c2a63ae16d5b6b7cf82ad9ca5ad884228367aea6363df57baeaa1bc95f
SSDEEP

24576:N6FbugTnMmQtXspgr/5qMBclUEH3NXECRtxRD4f:2bumMmQtIgr/XcF9XhU

Score

10^/10

darkcomet rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

11bab9c459a906e6da57b894ffe9e274_JaffaCakes118.exe

Resource

win7-20240508-en

darkcomet rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

11bab9c459a906e6da57b894ffe9e274_JaffaCakes118.exe

Resource

win10v2004-20240611-en

darkcomet rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  11bab9c459a906e6da57b894ffe9e274_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  11bab9c459a906e6da57b894ffe9e274
- SHA1
  
  2dfeb032e948abaf96b178afdfdf6f04cbac332e
- SHA256
  
  63e6c1e082d5262282b2f35d92f966968f028c49b382215069fc7b48a93ef0d2
- SHA512
  
  3d68177d285a1c43e71ddfc73e6ff4aac7eda95d7e4de018d77a5b546250f5d1766759c2a63ae16d5b6b7cf82ad9ca5ad884228367aea6363df57baeaa1bc95f
- SSDEEP
  
  24576:N6FbugTnMmQtXspgr/5qMBclUEH3NXECRtxRD4f:2bumMmQtIgr/XcF9XhU
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan

© 2018-2024

Terms | Privacy