General
Target: dcfca45249d204785212dad0e770bc65244b6392f2b94e1e03f4272c4bbc0a6b
Size: 975KB
Sample: 200706-rr6dh3k4bj
MD5: 599d467764f284582ec10a55362a9ae7
SHA1: 6b2ad378d36c7f17183a5a4f9d660ff580e4cd8e
SHA256: dcfca45249d204785212dad0e770bc65244b6392f2b94e1e03f4272c4bbc0a6b
SHA512: b60fcd50148e119a18711dda0b233b8dca9168d908ab4bbdb21bf2de5a2ec5f5629ed0210314725cf1f43fcb960b151899a45acb8e95f63cb40daf0d06fc3b42
Static task: static1
Behavioral task: behavioral1
Sample: dcfca45249d204785212dad0e770bc65244b6392f2b94e1e03f4272c4bbc0a6b.exe
Resource: win7v200430
Malware Config
Extracted
darkcomet
IMAGESZ
manymoney-70.no-ip.org:82
DC_MUTEX-9MB7QNH
gencode: xUDwyyxhTSgj
install: false
offline_keylogger: true
persistence: false
Targets
Target: dcfca45249d204785212dad0e770bc65244b6392f2b94e1e03f4272c4bbc0a6b
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Suspicious use of SetThreadContext