General
-
Target
1baf22dc62474324dd17936b25c461beb7890d35c29df742f918764ffeb065bc
-
Size
1.5MB
-
Sample
200629-ksqnawncb6
-
MD5
42d1afbca40a7d397d29386101bd4dd4
-
SHA1
be1187fc901b747ee1b32af6363eddc23fa56f94
-
SHA256
1baf22dc62474324dd17936b25c461beb7890d35c29df742f918764ffeb065bc
-
SHA512
a106e4525ae0f3c3ff7b80a71d05a9456cafdac6c7c10a08cc3b767441966dbdb77ae1a11431f37ac4946be175fe2f00f5c5f96234196f19d292b3397c11465d
Static task
static1
Behavioral task
behavioral1
Sample
1baf22dc62474324dd17936b25c461beb7890d35c29df742f918764ffeb065bc.exe
Resource
win7
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
-
gencode
uNwew4gojxtu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
Target
1baf22dc62474324dd17936b25c461beb7890d35c29df742f918764ffeb065bc
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext