darkcomet | 123632b9babaa3e3f16e508c26e2a60f33c5edf896a9146819f83508250157fb | Triage

Submit
Reports

Overview

overview

Static

static

7

22dc5d62c2...18.exe

windows7-x64

22dc5d62c2...18.exe

windows10-2004-x64

Sharing

General

Target

22dc5d62c2c40824901f2a5517e8029c_JaffaCakes118
Size

629KB
Sample

240703-sytmyawepc
MD5

22dc5d62c2c40824901f2a5517e8029c
SHA1

4141e70636c8b08e4a5ec8cc9520065a73090d37
SHA256

123632b9babaa3e3f16e508c26e2a60f33c5edf896a9146819f83508250157fb
SHA512

77358ab753c43964bff84448f218854a01aea3cefd77288e1fa2b89ba79f0084726ec47a64703df9600c5ba7f5c5f67b4f40d6e58f8739e8fd47ef802da683a4
SSDEEP

12288:lew0ZLatzDCneocNspaFpmqdbX/hUb+XjRikc0ijv/tNC:sLZGtzDCndc6QFpmqRX/GbEe0ipI

Score

10^/10

darkcomet guest16 rat trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

22dc5d62c2c40824901f2a5517e8029c_JaffaCakes118.exe

Resource

win7-20240220-en

darkcomet guest16 rat trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

22dc5d62c2c40824901f2a5517e8029c_JaffaCakes118.exe

Resource

win10v2004-20240611-en

darkcomet guest16 rat trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:90

Mutex

DC_MUTEX-F54S21D

Attributes

gencode
kpDRvFaHMVJE
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  22dc5d62c2c40824901f2a5517e8029c_JaffaCakes118
- Size
  
  629KB
- MD5
  
  22dc5d62c2c40824901f2a5517e8029c
- SHA1
  
  4141e70636c8b08e4a5ec8cc9520065a73090d37
- SHA256
  
  123632b9babaa3e3f16e508c26e2a60f33c5edf896a9146819f83508250157fb
- SHA512
  
  77358ab753c43964bff84448f218854a01aea3cefd77288e1fa2b89ba79f0084726ec47a64703df9600c5ba7f5c5f67b4f40d6e58f8739e8fd47ef802da683a4
- SSDEEP
  
  12288:lew0ZLatzDCneocNspaFpmqdbX/hUb+XjRikc0ijv/tNC:sLZGtzDCndc6QFpmqRX/GbEe0ipI
Score

10^/10

darkcomet guest16 rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

darkcometguest16rattrojanupx

behavioral2

darkcometguest16rattrojanupx

© 2018-2024

Terms | Privacy