General
Target: 7fb5225671608e34583ac4e3766f9b6e765efeb1f71921366e30dcaad296f663
Size: 658KB
Sample: 210509-fn2c5kqpze
MD5: 039c7ff58d895d09b8197e81219c8a4c
SHA1: 1d39f31f551e520a12eb8b86e87fa355685b8444
SHA256: 7fb5225671608e34583ac4e3766f9b6e765efeb1f71921366e30dcaad296f663
SHA512: bed83268a318d1efdada4fe7d683970d85386e9fdc702dd113ae15b77d81c9eef3c67fc8f17a0a153f5d915e9c6794aeb7a71e404ed52d0f937e07a962a55f9f
Static task: static1
Behavioral task: behavioral1
Sample: 7fb5225671608e34583ac4e3766f9b6e765efeb1f71921366e30dcaad296f663.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 7fb5225671608e34583ac4e3766f9b6e765efeb1f71921366e30dcaad296f663.exe
Resource: win10v20210408
Malware Config
Extracted
darkcomet
Junior_Sazan
192.168.43.1:1604
DCMIN_MUTEX-XWTUXJX
InstallPath: DCSCMIN\IMDCSC.exe
gencode: gdhAkt6XVk4X
install: true
offline_keylogger: true
persistence: false
reg_key: Windows Defender
Targets
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application