General
-
Target
fddb7d6120715aad3f0661513fd2c868b14a71b25009de9c8cbeefc1fa36abc6
-
Size
1.5MB
-
Sample
201109-4j8x7m2vp6
-
MD5
f82031ee1e40e4341bfde851b1cb4c4f
-
SHA1
916547b801d7b930cf98f8ad723aee5384e32623
-
SHA256
fddb7d6120715aad3f0661513fd2c868b14a71b25009de9c8cbeefc1fa36abc6
-
SHA512
57ec4eed21adf2564ec617766b045a97d5d8797bb97525c20239f15344327f7f07970903c6dbde2679e962efa1ed91137a714a76023c0999979dc1b9254aaaac
Static task
static1
Behavioral task
behavioral1
Sample
fddb7d6120715aad3f0661513fd2c868b14a71b25009de9c8cbeefc1fa36abc6.exe
Resource
win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
-
gencode
uNwew4gojxtu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-