darkcomet | 8546dcea20e2c07419df8a25ed04951ecf877adc29bb35ce3a4fb09cce7660f9 | Triage

Submit
Reports

Overview

overview

Static

static

234ef25bbf...18.exe

windows7-x64

234ef25bbf...18.exe

windows10-2004-x64

Sharing

General

Target

234ef25bbfe793d1d151f47979ed7deb_JaffaCakes118
Size

747KB
Sample

240703-ww31datbmh
MD5

234ef25bbfe793d1d151f47979ed7deb
SHA1

84e055864ae27015c6c442171f58c98eeaaa9f62
SHA256

8546dcea20e2c07419df8a25ed04951ecf877adc29bb35ce3a4fb09cce7660f9
SHA512

5c169f7b4f7f997030622c25ddbeaab41ace007f8bd0aba4101ff6e7d7a4f043a3303301097cad64aa9e201c683254948df5e6a3122a5d25d4d3186bf9c068c9
SSDEEP

12288:qk0QVlhmPojAPTMEsUTg0oChO/Q2JbsbjPbN5qhRTtYe3f+Iw86k/9/+2:n0QRWoJEfg0oChGdJQbjPbNW5tYeP+Gb

Score

10^/10

darkcomet guest16 rat trojan

Static task

static1

guest16 darkcomet

2 signatures

Behavioral task

behavioral1

Sample

234ef25bbfe793d1d151f47979ed7deb_JaffaCakes118.exe

Resource

win7-20240220-en

darkcomet guest16 rat trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

234ef25bbfe793d1d151f47979ed7deb_JaffaCakes118.exe

Resource

win10v2004-20240508-en

darkcomet guest16 rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

coolhost.no-ip.org:1604

192.168.1.3:1604

Mutex

DC_MUTEX-L46WSSE

Attributes

gencode
3j3ytrthJfmJ
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  234ef25bbfe793d1d151f47979ed7deb_JaffaCakes118
- Size
  
  747KB
- MD5
  
  234ef25bbfe793d1d151f47979ed7deb
- SHA1
  
  84e055864ae27015c6c442171f58c98eeaaa9f62
- SHA256
  
  8546dcea20e2c07419df8a25ed04951ecf877adc29bb35ce3a4fb09cce7660f9
- SHA512
  
  5c169f7b4f7f997030622c25ddbeaab41ace007f8bd0aba4101ff6e7d7a4f043a3303301097cad64aa9e201c683254948df5e6a3122a5d25d4d3186bf9c068c9
- SSDEEP
  
  12288:qk0QVlhmPojAPTMEsUTg0oChO/Q2JbsbjPbN5qhRTtYe3f+Iw86k/9/+2:n0QRWoJEfg0oChGdJQbjPbNW5tYeP+Gb
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan

© 2018-2024

Terms | Privacy