General
Target: 861612023a39c17395fc19e69d4dea9af52cafdba0bdf9ce301268f5c0284471
Size: 1.5MB
Sample: 200629-55923ztf4e
MD5: 1c72f2ac3f8aedcb677d1843030402e2
SHA1: 0b4a2c3e4c919c95c2543eaad8bb8e207fede04c
SHA256: 861612023a39c17395fc19e69d4dea9af52cafdba0bdf9ce301268f5c0284471
SHA512: 0532968f04a30cf7e63f95d6bcbd13a8a59ea13afefd8987aba2811f22c0995adabff33773b335933ea8064aeebdb83af4168bf6f75940d8ea1130c59a6e38f4
Static task: static1
Behavioral task: behavioral1
Sample: 861612023a39c17395fc19e69d4dea9af52cafdba0bdf9ce301268f5c0284471.exe
Resource: win7
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Target: 861612023a39c17395fc19e69d4dea9af52cafdba0bdf9ce301268f5c0284471
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext