General
Target: 15c86d9addf12cd01b56ccd956bb2716558450815f7d1ef2a515848e7240b6df
Size: 1.5MB
Sample: 201109-4cjmsqr5ma
MD5: 0029b584f6340836dfba8d26a8171dac
SHA1: 6fb2d7527254faa43bea8b33a6305472505f7842
SHA256: 15c86d9addf12cd01b56ccd956bb2716558450815f7d1ef2a515848e7240b6df
SHA512: 6d9ff5b2aed7b9702cd993a3f2ad4a4e1db8fb127bcacac4688ebe49f3cc9391060b278801d4856cb56846f02a7dfedbb9dc543ffddc94b2f3a96ebc910a7cfd
Static task: static1
Behavioral task: behavioral1
  Sample: 15c86d9addf12cd01b56ccd956bb2716558450815f7d1ef2a515848e7240b6df.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: 15c86d9addf12cd01b56ccd956bb2716558450815f7d1ef2a515848e7240b6df.exe
  Resource: win10v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext