General
Target: dadbbae49763300bb65adb6e4adb49fc3d8d041df3acf36d968694274d4f0d80
Size: 1.5MB
Sample: 201109-dhdhzwx1rn
MD5: 17324f12dc50cb5cbee601f34b563293
SHA1: b8e8ea642c064aed63ee175c2478f752433d5b99
SHA256: dadbbae49763300bb65adb6e4adb49fc3d8d041df3acf36d968694274d4f0d80
SHA512: 7209de88c0eada80c141bbe8d8efe5ed14c4cb8173aca34f815a8f61790b8c1e97f3c6cbecf9f8729241b00a4f995b142e78c468846f0f9411477297ec56d2dc
Static task: static1
Behavioral task: behavioral1
Sample: dadbbae49763300bb65adb6e4adb49fc3d8d041df3acf36d968694274d4f0d80.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Target: dadbbae49763300bb65adb6e4adb49fc3d8d041df3acf36d968694274d4f0d80
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext