Behavioral task: behavioral1
Sample: 97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521.exe
Resource: win7v20201028 windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521.exe
Resource: win10v20201028 windows10_x64
0 signatures
0 seconds
General
Target: 97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521
Size: 685KB
MD5: 59b083bb93311967ade4787a38a71da4
SHA1: 2ccc0033adcb96f52aa0af850480465b62a76b0f
SHA256: 97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521
SHA512: be8afed68c25c32c621a12f6a08450aafaf8fd9f90593dcf74a9ef0597b2a178d81b9a99c2e224adfe88c5052c7359a58d2324b8f36cdbd6717eaeb507b246a9
Malware Config
Extracted
Family: darkcomet
Botnet: Sazan
C2: marbeyli.duckdns.org:1604
Mutex: DC_MUTEX-LE9EE3D
Attributes
InstallPath: MSDCSC\svchost.exe
gencode: w1S5jibwxNoa
install: true
offline_keylogger: true
persistence: true
reg_key: MicroUpdate
Signatures
Darkcomet family
Files
97eee5ecf6cc23c32ec2eadf116cc10976696962e7f2cd6c124b3761b4409521.exe windows x86