General
Target: 6710915f32e35614181300eba4f4b49e24bbda5774f31abf84b78552565a8559
Size: 1.5MB
Sample: 201109-jgta9vq3js
MD5: 5e0c56aa4d8ab74ab7c1401c05720f15
SHA1: b4f0cfd99d686ce6f724e4328d21edec5f56dd1b
SHA256: 6710915f32e35614181300eba4f4b49e24bbda5774f31abf84b78552565a8559
SHA512: f73bbc8d8cdfd5f8a18f624ea5aee83ce05d6566ad018fd5dd7541202f0d033feb7bf60afcd1f80ea601f2efd0477b1f05feeaa09883f6ce1b3210d5d323e44e
Static task: static1
Behavioral task: behavioral1
Sample: 6710915f32e35614181300eba4f4b49e24bbda5774f31abf84b78552565a8559.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Target: 6710915f32e35614181300eba4f4b49e24bbda5774f31abf84b78552565a8559
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext