General
Target: fa77365a2b757aa8e3c0dea845aeb2e0ac77ab0f6138c140fd165da72ebbf098
Size: 658KB
Sample: 210505-hgmv26xwmx
MD5: d3d964677264a3cb1c7a6a4e507f513d
SHA1: 5a725d084eb47e796fba25498095be7c0f49061b
SHA256: fa77365a2b757aa8e3c0dea845aeb2e0ac77ab0f6138c140fd165da72ebbf098
SHA512: 87c8100ef3973bda93d327ba90563d9b99fd808bbdfa1b6008b4bf28fd410835141b85016a7eac50133f5c590a5bfceb5e3a702d0b463d6a2b09ade26687c6a6
Static task: static1
Behavioral task: behavioral1
Sample: fa77365a2b757aa8e3c0dea845aeb2e0ac77ab0f6138c140fd165da72ebbf098.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: fa77365a2b757aa8e3c0dea845aeb2e0ac77ab0f6138c140fd165da72ebbf098.exe
Resource: win10v20210410
Malware Config
Extracted
darkcomet
Guest16_min
127.0.0.1:1604
DCMIN_MUTEX-ZAM848X
InstallPath: DCSCMIN\IMDCSC.exe
gencode: Lwy69h3CzB9T
install: true
offline_keylogger: true
persistence: false
reg_key: DarkComet RAT
Targets
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application