General
Target: 23177b599c322119b7796bbfd6e8f0005ed1f3a6e51b28c19bfe85706cbc30ea
Size: 726KB
Sample: 201110-t1cnzg56se
MD5: 36f8a5356eaa170009cd6cc4bb7e4eeb
SHA1: fc4601d48e42cfbea7cee7891d9170d7d9de2370
SHA256: 23177b599c322119b7796bbfd6e8f0005ed1f3a6e51b28c19bfe85706cbc30ea
SHA512: 30cab5cb33f7fd22bfe004cb794e65ad7bd1513404893107ebcb8bc12ea6d7ee4526302cd352710ed650dc3043fd16c333eb131e8313951dea48273060096660
Static task: static1
Behavioral task: behavioral1
Sample: 23177b599c322119b7796bbfd6e8f0005ed1f3a6e51b28c19bfe85706cbc30ea.exe
Resource: win7v20201028
Malware Config
Extracted
darkcomet
Cybergate
xyk.no-ip.org:82
DC_MUTEX-CBRCJKD
gencode: dStG8rFqSf0i
install: false
offline_keylogger: true
password: 12345678
persistence: false
Targets
Target: 23177b599c322119b7796bbfd6e8f0005ed1f3a6e51b28c19bfe85706cbc30ea
Adds Run key to start application
Suspicious use of SetThreadContext