darkcomet | e7caf73f83e5ddb0fe30fed28db6857c316b5a175d42f3ddb8a1501d09642c22 | Triage

Submit
Reports

Overview

overview

Static

static

3

1b1bc2f82d...18.exe

windows7-x64

1b1bc2f82d...18.exe

windows10-2004-x64

Sharing

General

Target

1b1bc2f82ddd0936ad7ddb1541a9b172_JaffaCakes118
Size

700KB
Sample

240701-nhn1asyeng
MD5

1b1bc2f82ddd0936ad7ddb1541a9b172
SHA1

c0b501b70b6eea5916e44add1557a7dee1afe37e
SHA256

e7caf73f83e5ddb0fe30fed28db6857c316b5a175d42f3ddb8a1501d09642c22
SHA512

02d2211a674b34d81d5b3421207acfbb99d50e715511898bf7b0cc6e3d59951fcc93f69f1e7e638914806db58b26fadfcf5ff7dfa43ffea67ee89906e38c0af3
SSDEEP

12288:N/PnpWutXeeGFC4Jz221Bo2sth2X38n1yrgwjW:N/Pns0XeQ2sPtysnGge

Score

10^/10

darkcomet óçã rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1b1bc2f82ddd0936ad7ddb1541a9b172_JaffaCakes118.exe

Resource

win7-20240419-en

darkcomet óçã rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b1bc2f82ddd0936ad7ddb1541a9b172_JaffaCakes118.exe

Resource

win10v2004-20240611-en

darkcomet óçã rat trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

ÓÇã

C2

nnns.zapto.org:1604

Mutex

DC_MUTEX-F54S21D

Attributes

gencode
pZ2PbkJ4J7qu
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  1b1bc2f82ddd0936ad7ddb1541a9b172_JaffaCakes118
- Size
  
  700KB
- MD5
  
  1b1bc2f82ddd0936ad7ddb1541a9b172
- SHA1
  
  c0b501b70b6eea5916e44add1557a7dee1afe37e
- SHA256
  
  e7caf73f83e5ddb0fe30fed28db6857c316b5a175d42f3ddb8a1501d09642c22
- SHA512
  
  02d2211a674b34d81d5b3421207acfbb99d50e715511898bf7b0cc6e3d59951fcc93f69f1e7e638914806db58b26fadfcf5ff7dfa43ffea67ee89906e38c0af3
- SSDEEP
  
  12288:N/PnpWutXeeGFC4Jz221Bo2sth2X38n1yrgwjW:N/Pns0XeQ2sPtysnGge
Score

10^/10

darkcomet óçã rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Drops file in Drivers directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

darkcometóçãrattrojan

behavioral2

darkcometóçãrattrojan

© 2018-2024

Terms | Privacy