General
Target: f07a791d33d9cf7db68c0925b8b254682a703ac53eb8188e1e996af91d0c348e
Size: 1.5MB
Sample: 201109-cr4gvy298x
MD5: 15e68274a502d0a3f916e822661d0261
SHA1: 0284a494e76ce1339b238fcb2b2c920e5fca23e5
SHA256: f07a791d33d9cf7db68c0925b8b254682a703ac53eb8188e1e996af91d0c348e
SHA512: 6949fe8adb56018cb586be580a845a4a5c4ced0709937091cf48397002fc2f35fba221ff4b76c69ea713d09934404ebd0303ff9299cdf61fd7730bc81a89dcd3
Static task: static1
Behavioral task: behavioral1
Sample: f07a791d33d9cf7db68c0925b8b254682a703ac53eb8188e1e996af91d0c348e.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext