General
-
Target
9037b03b88a3dd5e3515bf032d4616fdfe824d744d2bef8057df542c1b287957
-
Size
658KB
-
Sample
201108-qkhe7p244n
-
MD5
1725eb7bc1e3ff32883379f880858691
-
SHA1
8eb521cc92580a521fee7d3c0f6ee3819c4d6473
-
SHA256
9037b03b88a3dd5e3515bf032d4616fdfe824d744d2bef8057df542c1b287957
-
SHA512
fbcdea7ffb89e89b27b4fb5075ec9262aa71b46323c837d74fcb366b63c899ce80a3bf7887be94206a7f5070940cb15cdf1a68560d7f4adb48ac40451ea78309
Static task
static1
Behavioral task
behavioral1
Sample
9037b03b88a3dd5e3515bf032d4616fdfe824d744d2bef8057df542c1b287957.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
9037b03b88a3dd5e3515bf032d4616fdfe824d744d2bef8057df542c1b287957.exe
Resource
win10v20201028
Malware Config
Extracted
darkcomet
Guest16_min
90.188.3.4:1604
DCMIN_MUTEX-S7F9Q3A
-
InstallPath
DCSCMIN\IMDCSC.exe
-
gencode
4SfUlKN3ZUDf
-
install
true
-
offline_keylogger
true
-
persistence
false
-
reg_key
DarkComet RAT
Targets
Target
9037b03b88a3dd5e3515bf032d4616fdfe824d744d2bef8057df542c1b287957
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-