Overview

overview

10

Static

static

10

a2dff7ad9f...cb.exe

windows7_x64

10

a2dff7ad9f...cb.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a2dff7ad9fd1ba464b6e116e783130b22fd809b0384acdf55d5b075cdba71fcb

  • Size

    658KB

  • MD5

    f0016753a0f7d4a77577219f32cbe1a3

  • SHA1

    8cf1834af6492053e1d52c202e2f447978d36898

  • SHA256

    a2dff7ad9fd1ba464b6e116e783130b22fd809b0384acdf55d5b075cdba71fcb

  • SHA512

    285ddc39de01fb5b57ef95102cfb085847274b41a91b90de6c01dfa3f0c553f3c5968750cd9577f681eed7b18ca23530c2a186821b28468665078ad9c76f1c8a

Score
10/10
junior_sazandarkcomet

Malware Config

Extracted

Family

darkcomet

Botnet

Junior_Sazan

C2

tcp.ngrok.io:1604

Mutex

DCMIN_MUTEX-TGBV1JW

Attributes
  • InstallPath

    DCSCMIN\IMDCSC.exe

  • gencode

    DYogjpAqTBHJ

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    Windows Defender

Signatures

Files

  • a2dff7ad9fd1ba464b6e116e783130b22fd809b0384acdf55d5b075cdba71fcb
    .exe windows x86