General
-
Target
0a7662f030946b171a47ca964dace696410fbaafcc70c3849ea70fbcd3bacdf4
-
Size
1.5MB
-
Sample
200629-wlm748mlt2
-
MD5
644fb62f1d5ea374affb23f47b0ab4ca
-
SHA1
a9bbeb0793282db2f74f19a271415479146be3b9
-
SHA256
0a7662f030946b171a47ca964dace696410fbaafcc70c3849ea70fbcd3bacdf4
-
SHA512
7cf494dfd1456ef29ddfee4c5aa2074aab092c4cbb06145e0bf27c64852344b9ee79488726b2e517035cfa18b546d82048c156bc4722e017fb7175eaedbde868
Static task
static1
Behavioral task
behavioral1
Sample
0a7662f030946b171a47ca964dace696410fbaafcc70c3849ea70fbcd3bacdf4.exe
Resource
win7
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
-
gencode
uNwew4gojxtu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
0a7662f030946b171a47ca964dace696410fbaafcc70c3849ea70fbcd3bacdf4
-
Size
1.5MB
-
MD5
644fb62f1d5ea374affb23f47b0ab4ca
-
SHA1
a9bbeb0793282db2f74f19a271415479146be3b9
-
SHA256
0a7662f030946b171a47ca964dace696410fbaafcc70c3849ea70fbcd3bacdf4
-
SHA512
7cf494dfd1456ef29ddfee4c5aa2074aab092c4cbb06145e0bf27c64852344b9ee79488726b2e517035cfa18b546d82048c156bc4722e017fb7175eaedbde868
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-