Backdoor.DarkKomet.A
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 6,952 |
| Threat Level: | 60 % (Medium) |
| Infected Computers: | 14,331 |
| First Seen: | May 4, 2017 |
| Last Seen: | April 1, 2026 |
| OS(es) Affected: | Windows |
Table of Contents
Analysis Report
General information
| Family Name: | Backdoor.DarkKomet.A |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
59f5fef2e2e7106aa23cc9aaecda03bf
SHA1:
5de260b96f3e2ec1eb0cb5fb5445a46b688b730e
File Size:
20.49 KB, 20492 bytes
|
|
MD5:
45d3420657d5740bd23d289e109d3078
SHA1:
eb84c1b2ba4cf943f70b3f886275d1d437c5b2ef
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
f32fac232b63979259f26f475efee8f6
SHA1:
01e8018cb8875e9304522eb4cc306364e7601ea9
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
6fcc67f395815754082728b70987252f
SHA1:
41153a6f1f985467ae501101ec88ba8ad01c4a0a
SHA256:
C1B94906836691378E993FF67780B8667811320C4B41A19F945CDDBA2372DA98
File Size:
20.99 KB, 20992 bytes
|
|
MD5:
7a5ccbc40c9120715f58a8c72044f830
SHA1:
ffd1e13b66fcff7b735acfe83e4d2258a38c56d8
SHA256:
41A8799DAD7A4049CD65F5EC9A2B595A5DD8A53D32D6AF960B10F73E059D3C0B
File Size:
21.00 KB, 21004 bytes
|
Show More
|
MD5:
ecebca8026bcef70351b7bf2145cf4a4
SHA1:
2aee74f3703509ef516a4984aecb583b10d593d2
SHA256:
B7B8999D386C688A2D3EF73D80D9E9F408D70CD623B64BFA483203615E652AFA
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
f937ca85633605cba4c4a342c574d691
SHA1:
2cb0766fa0d59fd645cdf981efb0243e28556850
SHA256:
9337FD252A2B06F0BA1DC5BE8817B709AC25CE8B26BD8D65E2D0EF434145FB4B
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
0d21ae1d3858a29eaf0b588da3bb31e5
SHA1:
fbafdbd46fd1e37e94dac222ab8e3d524e70e6ea
SHA256:
90FDF161D54811A584B5EC31BAEE8817BDC5ADD2F7F49681D29EF83EB2F6DFDB
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
719f4e955604d6e243eeee96dd2b69ad
SHA1:
85455a132022d68250ba3784767093b01cf37c0b
SHA256:
4DADF638E073EB18476B9160B4CE69E231BBC0C5F50C89E0D38CDE1C2643C245
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
7549723995f7da2696c12aea48806973
SHA1:
5b062f50b4529918bf0f84f6800447a2139bccbf
SHA256:
B8FD91365561EA31D83B66FF677E6A721C7D74DE3DDED417CAE43F6BAC2610E4
File Size:
20.49 KB, 20492 bytes
|
|
MD5:
7453e6af9bea5b00473116c391278832
SHA1:
fc98d3645043dc761684add21670e2e6a99a679e
SHA256:
97AA033C2530C73712DE75C405234720834979A2A633FABD98F35F2EE27D6A1C
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
76f671099c5b8640d174944e875a299b
SHA1:
0b955887498b8afbaa214db05a2cd1d7ae1028ba
SHA256:
F996AF7FD7BBEDE30FA2B36CEE146E6BC101D87147B7117D6AC5C43A8BA44DF5
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
62e406894d1a8a3a30af067fdc610d18
SHA1:
9d25cc0d33fe0c4dbb0837785ce5f3a72a38815d
SHA256:
F79893A5515C3F0BF1BADBC67B78E929E99A5F45C3C440E2E3137999964498B8
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
e7282456f0928c93c9120fe78c3aebe6
SHA1:
d3f521d9b547da383528614c2107c4fbc4e999e7
SHA256:
6827C39C845EDEB4ECA0685F409128F5E1DD7D0BF305A2B837EAD382238C069D
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
4890634277cd1bbd9221c671f447a379
SHA1:
77dfffb42edaa61674f0ecc7f7bba4202b449f65
SHA256:
58508325DF54162D0E1E71FE55A788DECCE8F9DB861338F3FFC2487E817F3682
File Size:
20.49 KB, 20492 bytes
|
|
MD5:
146981986ced91a8d01cf79af7ebd40e
SHA1:
e722e97a05597a364ff6ae6d1867b29c3b71a537
SHA256:
F0CE3EAF69B1F31BD886A3A409266BDDFB6FA90668765058270E1B0C3C069E57
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
bc2fffae34c4b53cc47f7a36cdbfe485
SHA1:
fdea06fd88c7dea6bbbdfcb42af5fd3550ab760a
SHA256:
D683DE748E622EB457CCB3E762A21D9B64D79602A903CBFC9738A866535A7456
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
4d95f8b6230c204537c19a5747cddcdd
SHA1:
a35b6fe20e7852c9545204546b7083749543c4b4
SHA256:
CA37123E4553C942922DE134C7450665324F4F08B377B56D2DCB973B76E6D151
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
369d5ff840014d2170b67e06be84999e
SHA1:
c4aa4874b6c0010413fd6f322ef48d4c7cb5d932
SHA256:
C838F349F524CFEC0617FB1273628AAADB1E917866779D61153694333693B0E2
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
3cc04c60c7c2e9a049835493e13d2203
SHA1:
42dd8620b471c4588f7900f99f1708e1f6ffc0e8
SHA256:
A642FC59C20013A333F1FE13FEC354A735143031DA4065166B40414975EAAB1F
File Size:
20.49 KB, 20492 bytes
|
|
MD5:
2ae3379321b382321bb9db499fac0049
SHA1:
324d8873cec0c0e23fdc71e6d29401fd030dbfbe
SHA256:
1C7401DDD52082F020DF9B6F1BAEA5573608840012DD7F97B3CC11B56D81CF89
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
07299427ea667c456878a14d636c7c8c
SHA1:
ad974a5d2cb0b30f2192543a56946ff9b01f21ee
SHA256:
21B9B4975D280DDC73782A4F5FA8D42F3001F9A3BC10EA0F542C95E061093B8C
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
621b17b29dce234632bc457c3e4c9a3c
SHA1:
d4748456f2676b6ea5411472d224e9170a3be4c2
SHA256:
15CD02BA533B27835052A395140916B5111593F86447160C0AB89C015EDBA8DE
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
c509b680d9d2807976ffc2ca8492c201
SHA1:
9f215dce7f5e7a8d70b89688569bf53bcb90e96d
SHA256:
C2DE34E1E53C072283E00960EDEF122DD3682B4234D5564E9AD9B4993A84433D
File Size:
20.49 KB, 20492 bytes
|
|
MD5:
c345213ae906aed36630f901c25228b6
SHA1:
1e7d1455ee7f41bda03fd76c617414eedc64fce6
SHA256:
DC986943593FC67A51DDC79F4B44D8440389F3567182834A332F0378CD4328DD
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
7b3c02a952b11f4598f8e8a01a0f2c5d
SHA1:
104613e19e31ac2a3e6ee84c1953868f9c85d239
SHA256:
2A2928B839104D6E1E935F6889674B2AFABBC52AC180ED40B21DDAEB7B1BDC2E
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
044c7c052f23c7211431706cfa2a03fd
SHA1:
3ba5e847acf2c7dfd660ac238ca9ef55bd475136
SHA256:
9FADB9AC0FC2B72CE7E2136ABD0BFEB6D55033550244CE70B981F0C949653441
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
d08db8cb4a9c8de353d89eacf1507097
SHA1:
ac67eaa12b9b31bb1bda814506453d8170f1ab59
SHA256:
AD92F6448D4861CC063853008178C19D73C31E6C21B8BC0D778D385A98CBF423
File Size:
20.49 KB, 20492 bytes
|
|
MD5:
4297b98eb3b6616dc9dc52248e1b9b26
SHA1:
db2e202424785a3b990d9e31dac749624e4ca0cd
SHA256:
E1E4CDD1580A3A0D44E5DBE34753D5166C16612D668B81B586012469B3A563FB
File Size:
20.49 KB, 20492 bytes
|
|
MD5:
3f7186685fb6ea878559f9d1f66751eb
SHA1:
2d0bb09bf2248a72f707620fd5b763642438439b
SHA256:
DFE41382A383BCDB2B9245AB22A957AA4CA77C90CA87F6DB3B7C74E02A775B85
File Size:
21.00 KB, 21004 bytes
|
|
MD5:
3be6aa7899b2a262c5b1266db0a60f7f
SHA1:
806ab2346ab837c60d1b0ce4875d43d492ffcf5d
SHA256:
B18E1107498FF1057D6A23572B4B703F97564DC604E30874D944337C0445BD9A
File Size:
21.00 KB, 21004 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have exports table
- File doesn't have security information
- File is 32-bit executable
- File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
Show More
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Traits
- No Version Info
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 49 |
|---|---|
| Potentially Malicious Blocks: | 12 |
| Whitelisted Blocks: | 37 |
| Unknown Blocks: | 0 |
Visual Map
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
x
x
0
0
0
0
x
x
x
x
x
0
0
x
x
x
x
0
0
x
0
0
0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
? - Unknown Block
x - Potentially Malicious Block
Similar Families
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.- Darkkomet.A
- Kryptik.XXF
