Overview

overview

10

Static

static

10

97eee5ecf6...21.exe

windows7_x64

10

97eee5ecf6...21.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521

  • Size

    685KB

  • MD5

    59b083bb93311967ade4787a38a71da4

  • SHA1

    2ccc0033adcb96f52aa0af850480465b62a76b0f

  • SHA256

    97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521

  • SHA512

    be8afed68c25c32c621a12f6a08450aafaf8fd9f90593dcf74a9ef0597b2a178d81b9a99c2e224adfe88c5052c7359a58d2324b8f36cdbd6717eaeb507b246a9

Score
10/10
sazandarkcomet

Malware Config

Extracted

Family

darkcomet

Botnet

Sazan

C2

marbeyli.duckdns.org:1604

Mutex

DC_MUTEX-LE9EE3D

Attributes
  • InstallPath

    MSDCSC\svchost.exe

  • gencode

    w1S5jibwxNoa

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Signatures

Files

  • 97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521
    .exe windows x86