General
-
Target
99ed455cf7867678bf77bdbcd8fd1c73586a78402e451c436a2036060ae1fae3
-
Size
939KB
-
Sample
201110-bcwf4ewhgn
-
MD5
0e838be21a95730626f8751e6d58e1a7
-
SHA1
c5dbfdf431daa4e76029eb91ea622a2973ebbf18
-
SHA256
99ed455cf7867678bf77bdbcd8fd1c73586a78402e451c436a2036060ae1fae3
-
SHA512
746c6d95bd7a1f6fe02a6ab01617017143b4675c383dafcad7ced10d4372b804f584d9e3e271921141950130b3c5208cc181d7fee6dbe1a719917202a5cf0a90
Static task
static1
Behavioral task
behavioral1
Sample
99ed455cf7867678bf77bdbcd8fd1c73586a78402e451c436a2036060ae1fae3.exe
Resource
win7v20201028
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
192.168.1.132:1604
DC_MUTEX-UZ5QYPV
-
gencode
00JBqsRoxY0q
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
99ed455cf7867678bf77bdbcd8fd1c73586a78402e451c436a2036060ae1fae3
-
Size
939KB
-
MD5
0e838be21a95730626f8751e6d58e1a7
-
SHA1
c5dbfdf431daa4e76029eb91ea622a2973ebbf18
-
SHA256
99ed455cf7867678bf77bdbcd8fd1c73586a78402e451c436a2036060ae1fae3
-
SHA512
746c6d95bd7a1f6fe02a6ab01617017143b4675c383dafcad7ced10d4372b804f584d9e3e271921141950130b3c5208cc181d7fee6dbe1a719917202a5cf0a90
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-