General
-
Target
544487e26be4ce2c8dc99409a7a46f9eadc1ac7aeaab59afdceeca319e1c1a9e
-
Size
1.5MB
-
Sample
200629-g56r1b92qn
-
MD5
0a383f6b665eb5e072773c9875d459cd
-
SHA1
aed86ee444beb6eddd188cc58f6e69430c1274ed
-
SHA256
544487e26be4ce2c8dc99409a7a46f9eadc1ac7aeaab59afdceeca319e1c1a9e
-
SHA512
c93aefa7e61e379047dd967f5af0b57803b34228921037ea01893b40002ea079c7c57228b23e3770ff4c8d5c0ec175f58bd037a9f4fef8415a60308176437a9f
Static task
static1
Behavioral task
behavioral1
Sample
544487e26be4ce2c8dc99409a7a46f9eadc1ac7aeaab59afdceeca319e1c1a9e.exe
Resource
win7
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
-
gencode
uNwew4gojxtu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
544487e26be4ce2c8dc99409a7a46f9eadc1ac7aeaab59afdceeca319e1c1a9e
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext