General
Target: 151c33cf3d3cbc3b4c85cfbeac26d4f120a52c6a5787d5413833ed4b2037f225
Size: 1.5MB
Sample: 201109-7sbxrs9fb2
MD5: 2278456ba291dd755ca8369f99753de8
SHA1: 654f8f36b584499394d8370804e37a86caba18e0
SHA256: 151c33cf3d3cbc3b4c85cfbeac26d4f120a52c6a5787d5413833ed4b2037f225
SHA512: f8552858829cabb3dedd00a31f6b20137290ddf41a136639be2bb5a6ecd898db5a11008dd3ceb1406deab694c8471e05aec2377a1282090d76b96b794148ae71
Static task: static1
Behavioral task: behavioral1
Sample: 151c33cf3d3cbc3b4c85cfbeac26d4f120a52c6a5787d5413833ed4b2037f225.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext