General
-
Target
e8037ba03db7ab77f623de243e19284af0dcc8e2d042e3bf7eba810066fae738
-
Size
660KB
-
Sample
210504-lwbjn365kn
-
MD5
a5752f27ef2b3f17423ce9bb1c4aca39
-
SHA1
74316ef1040d4225fb16bb79749bb42eea8636b1
-
SHA256
e8037ba03db7ab77f623de243e19284af0dcc8e2d042e3bf7eba810066fae738
-
SHA512
80eeeb01a1e5087d5ea4fe50278ee91819d24e90650b1f3994f40bc06d01dd747ae339aaf9c7ac0acf1ef0acba8fbaa28421058441f15eea929a8a719e44905b
Static task
static1
Behavioral task
behavioral1
Sample
e8037ba03db7ab77f623de243e19284af0dcc8e2d042e3bf7eba810066fae738.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
e8037ba03db7ab77f623de243e19284af0dcc8e2d042e3bf7eba810066fae738.exe
Resource
win10v20210410
Malware Config
Extracted
darkcomet
Guest16_min
127.0.0.1:1604
DCMIN_MUTEX-TDTH15Z
-
InstallPath
DCSCMIN\IMDCSC.exe
-
gencode
7AF6lNtA1lPw
-
install
true
-
offline_keylogger
true
-
persistence
false
-
reg_key
DarkComet RAT
Targets
-
-
Target
e8037ba03db7ab77f623de243e19284af0dcc8e2d042e3bf7eba810066fae738
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-