General
-
Target
4afa851f8a7a6fa230b87f419d5974c887b7ca1548bf9c65b0f0c21501dec366
-
Size
1.5MB
-
Sample
200629-ehse2slhx2
-
MD5
a6e6195d3a69ff915eff3f2332e4aa1b
-
SHA1
6948e94d46c9876a2cb45e7eef09c1f94afe2e44
-
SHA256
4afa851f8a7a6fa230b87f419d5974c887b7ca1548bf9c65b0f0c21501dec366
-
SHA512
4abdcd28d5aec2fa8c797500d24d5530b8c7b59a00da41609ed0248c4ed81d91e8e5ab7eabfd792cdbd96c27a8d6d0e7d1e9fbfe3ca168de0bb6ab3f9bdc6bd6
Static task
static1
Behavioral task
behavioral1
Sample
4afa851f8a7a6fa230b87f419d5974c887b7ca1548bf9c65b0f0c21501dec366.exe
Resource
win7v200430
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
-
gencode
uNwew4gojxtu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
4afa851f8a7a6fa230b87f419d5974c887b7ca1548bf9c65b0f0c21501dec366
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-