Overview

overview

10

Static

static

10

1yyoRs4y38...Ak.exe

windows7_x64

10

1yyoRs4y38...Ak.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1yyoRs4y38XZvNF9YQAk.exe

  • Size

    658KB

  • MD5

    db08908582b5fadec29d5ea3c91b954a

  • SHA1

    fedaf416dd8019a55657d8321d70e2d09c98c595

  • SHA256

    6f08293219654fea6c04ef20b911c4b3d28029ae32b9bcfaa7278df56a059ede

  • SHA512

    05e99bb91df650d18da64d2133c7e289c0485d28e289aa77d1c0e0366473e33da3f0d955a29c93d88f4a47b40f766611cf3c3d07174c602cbb2bf6a76641e916

Score
10/10
guest16darkcomet

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

nanocore4459.ddns.net:5552

Mutex

DC_MUTEX-WPZT55M

Attributes
  • InstallPath

    C:\Windows\System32\drivers\networkdrv.exe

  • gencode

    CtFSuaWNSfPv

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    Network Driver

Signatures

Files

  • 1yyoRs4y38XZvNF9YQAk.exe
    .exe windows x86