Behavioral task: behavioral1
Sample: 1yyoRs4y38XZvNF9YQAk.exe
Resource: win7v20210410, windows7_x64
0 signatures
0 seconds
General
Target: 1yyoRs4y38XZvNF9YQAk.exe
Size: 658KB
MD5: db08908582b5fadec29d5ea3c91b954a
SHA1: fedaf416dd8019a55657d8321d70e2d09c98c595
SHA256: 6f08293219654fea6c04ef20b911c4b3d28029ae32b9bcfaa7278df56a059ede
SHA512: 05e99bb91df650d18da64d2133c7e289c0485d28e289aa77d1c0e0366473e33da3f0d955a29c93d88f4a47b40f766611cf3c3d07174c602cbb2bf6a76641e916
Malware Config
Extracted
Family: darkcomet
Botnet: Guest16
C2: nanocore4459.ddns.net:5552
Mutex: DC_MUTEX-WPZT55M
Attributes
InstallPath: C:\Windows\System32\drivers\networkdrv.exe
gencode: CtFSuaWNSfPv
install: true
offline_keylogger: true
persistence: true
reg_key: Network Driver
Signatures
Darkcomet family
Files
1yyoRs4y38XZvNF9YQAk.exe.exe windows x86