General
Target: a834b67aa9d03fab513394c75e28a1cf29e5008ea591ebf4d5a6f4b958e48980
Size: 1.5MB
Sample: 200629-6x6464xwl2
MD5: 331f79981e251d2093ff7ec76939516a
SHA1: a069f61819247af1a64d77702431b5fd04e39804
SHA256: a834b67aa9d03fab513394c75e28a1cf29e5008ea591ebf4d5a6f4b958e48980
SHA512: 99db464a53f73bb6a481d4818d630ee6e1546d4ee661726666a3be35674e1d3ff1e773caafa4f6305b2de929d7141d57160b7caf401a70cc8701417e113c02f9
Static task: static1
Behavioral task: behavioral1
Sample: a834b67aa9d03fab513394c75e28a1cf29e5008ea591ebf4d5a6f4b958e48980.exe
Resource: win7v200430
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Target: a834b67aa9d03fab513394c75e28a1cf29e5008ea591ebf4d5a6f4b958e48980
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext