General
Target: 1fc15fc0d494f0441923e5237e214545cc13d0f73759d70da6d4a784a2ef8b1c
Size: 1.5MB
Sample: 201109-dvx2nxwcn6
MD5: 21fb7cfb4b6889927dc2cc02307b6bc3
SHA1: 7461b416f7da583f84ec4d1b5215af977b736f15
SHA256: 1fc15fc0d494f0441923e5237e214545cc13d0f73759d70da6d4a784a2ef8b1c
SHA512: 00816bba8729485dacfff1596c0b3c32fac3395ce5739ffa1833217b54d76e8263af586a3cabebe579c58e3d8d7580977faca61a0ac5d5f001ac18f50466743d
Static task: static1
Behavioral task: behavioral1
Sample: 1fc15fc0d494f0441923e5237e214545cc13d0f73759d70da6d4a784a2ef8b1c.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Target
1fc15fc0d494f0441923e5237e214545cc13d0f73759d70da6d4a784a2ef8b1c
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext