General
Target: d372fce4dc8842dc2295d9464600f1450d90fa5554a13b1b7183cb3dba0aa0cb
Size: 1.5MB
Sample: 201109-eaacjy5exx
MD5: f781984780ee83c5d8997f283b53ada0
SHA1: cc49354a74005d5c6e19bbd0b7628d563211638e
SHA256: d372fce4dc8842dc2295d9464600f1450d90fa5554a13b1b7183cb3dba0aa0cb
SHA512: e598a6745b4d3a85a828c2090e1f706ed692b2b7545e2781243512f0963cfe2f337efe4c456ab42a2e421b9a49dd30014324014d1af54bd30cc7e817d7ff0d23
Static task: static1
Behavioral task: behavioral1
Sample: d372fce4dc8842dc2295d9464600f1450d90fa5554a13b1b7183cb3dba0aa0cb.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Target: d372fce4dc8842dc2295d9464600f1450d90fa5554a13b1b7183cb3dba0aa0cb
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext