General
-
Target
8a7df8323dc4eee4c43a0e0fa761af9ed98274b0923066aa82dbfa977c1e4f50
-
Size
1.5MB
-
Sample
201109-mqw6swfkna
-
MD5
f7f98f7827a8eee2a8eba4542f6c4ff8
-
SHA1
f504d82d6826cf7d8defa916f71be01a46c6db09
-
SHA256
8a7df8323dc4eee4c43a0e0fa761af9ed98274b0923066aa82dbfa977c1e4f50
-
SHA512
b6fe1a75af8bb1818ec7af6d7f98288e09466d7b7deabdd015b312c0b94942badcbd554a52042e1d2b737525b501673f5b776d0b68fb8c245730a65c3f7b5ef1
Static task
static1
Behavioral task
behavioral1
Sample
8a7df8323dc4eee4c43a0e0fa761af9ed98274b0923066aa82dbfa977c1e4f50.exe
Resource
win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
-
gencode
uNwew4gojxtu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Target
8a7df8323dc4eee4c43a0e0fa761af9ed98274b0923066aa82dbfa977c1e4f50
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-