General
Target: 1cc3c44cb2987e697a2c4e3f2b48dfe5555b774dc86efcb06d15f64a9ab14362
Size: 1.5MB
Sample: 201109-rxzxmppxax
MD5: 4bb315fbc47de30e0bb3f0f3551b4970
SHA1: b60c0cc43d6255b70217875acff1ab7f7732a71f
SHA256: 1cc3c44cb2987e697a2c4e3f2b48dfe5555b774dc86efcb06d15f64a9ab14362
SHA512: cd16b6d52da9863f50432019c2028c5c1ea73cb1f3ec5f6e0a30a54af32aced27ef6c40395edc72ed69cbada85527eb81da09465cf427344566de80f6ac42fa9
Static task: static1
Behavioral task: behavioral1
Sample: 1cc3c44cb2987e697a2c4e3f2b48dfe5555b774dc86efcb06d15f64a9ab14362.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Runescape
mrsnickers03.no-ip.biz:340
DC_MUTEX-6ZFK11A
gencode: uNwew4gojxtu
install: false
offline_keylogger: true
persistence: false
Targets
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext