darkcomet | 7a2b40243923cd5f7976e346b65a265bd2eac7c209ed722488fb63a1c882b06c | Triage

Submit
Reports

Overview

overview

Static

static

3

1a711246b2...18.exe

windows7-x64

1a711246b2...18.exe

windows10-2004-x64

Sharing

General

Target

1a711246b276ce21ea055b041b4a777e_JaffaCakes118
Size

522KB
Sample

240628-rlt79swhrq
MD5

1a711246b276ce21ea055b041b4a777e
SHA1

408b34c29da8cdb6cbf04d64b096c64e3c864b43
SHA256

7a2b40243923cd5f7976e346b65a265bd2eac7c209ed722488fb63a1c882b06c
SHA512

ae4875168a26eda43afdd65aebe7e22bd51492e2d2c088e0174ec72d9d6b0ae36a14d40ea0675da84538c26bdd16f100ff0999476b48ea6faa84080761477bd4
SSDEEP

12288:UmBvjkh9HLCmWltxoJngJn5Ivg49A6eM6MT9c769k:nvgnGmm95IICtX6MJK6W

Score

10^/10

darkcomet targets rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1a711246b276ce21ea055b041b4a777e_JaffaCakes118.exe

Resource

win7-20231129-en

darkcomet targets rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1a711246b276ce21ea055b041b4a777e_JaffaCakes118.exe

Resource

win10v2004-20240611-en

darkcomet targets rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

TARGETS

C2

darkjordan.zapto.org:99

Mutex

DC_MUTEX-6FPXA9V

Attributes

InstallPath
MSDCSC\msdcsc.exe
gencode
Z1MR6HYJYTTL
install
true
offline_keylogger
true
password
1983
persistence
false
reg_key
MicroUpdate

Targets

- Target
  
  1a711246b276ce21ea055b041b4a777e_JaffaCakes118
- Size
  
  522KB
- MD5
  
  1a711246b276ce21ea055b041b4a777e
- SHA1
  
  408b34c29da8cdb6cbf04d64b096c64e3c864b43
- SHA256
  
  7a2b40243923cd5f7976e346b65a265bd2eac7c209ed722488fb63a1c882b06c
- SHA512
  
  ae4875168a26eda43afdd65aebe7e22bd51492e2d2c088e0174ec72d9d6b0ae36a14d40ea0675da84538c26bdd16f100ff0999476b48ea6faa84080761477bd4
- SSDEEP
  
  12288:UmBvjkh9HLCmWltxoJngJn5Ivg49A6eM6MT9c769k:nvgnGmm95IICtX6MJK6W
Score

10^/10

darkcomet targets rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

darkcomettargetsrattrojan

behavioral2

darkcomettargetsrattrojan

© 2018-2024

Terms | Privacy