General
-
Target
6f5b4bd346626b5a80aa953eaf70e095a4f332e272abddb679536f450cbdccf2
-
Size
1.5MB
-
Sample
200629-41e3sr415n
-
MD5
1be3d0d05edc748151b1d268312c0664
-
SHA1
4eaaa1c9177060a4333f6aa8fa13cf64f3f92dc9
-
SHA256
6f5b4bd346626b5a80aa953eaf70e095a4f332e272abddb679536f450cbdccf2
-
SHA512
0d33c0d7e0c52a7ea997ede1f6b1483ac52782fdba99993fb8356fa11cd405ace6414a81e11279a72f4633b09003632d7fdfdab5f965a9e2e6f871cf3c65f96f
Static task
static1
Behavioral task
behavioral1
Sample
6f5b4bd346626b5a80aa953eaf70e095a4f332e272abddb679536f450cbdccf2.exe
Resource
win7
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
-
gencode
uNwew4gojxtu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-