Behavioral task: behavioral1
Sample: b243cf67bf384a80b8de34c6e8b351bb3f6cbe2c24ef4c7168489ce0bde00e1d.exe
Resource: win7v20210408, windows7_x64
0 signatures
0 seconds
General
Target: b243cf67bf384a80b8de34c6e8b351bb3f6cbe2c24ef4c7168489ce0bde00e1d
Size: 2.5MB
MD5: 5b5ac97705245c79b7dc5553ea9ef725
SHA1: 8c43d1de280dc53dad5c95d765ef78b52a81c62d
SHA256: b243cf67bf384a80b8de34c6e8b351bb3f6cbe2c24ef4c7168489ce0bde00e1d
SHA512: 8715ae2dac65df613e5ad5715b4240a947597918caa890e4b1610166f73b75736fb536330d14e6a5fa1395f80fb37ea35aa98bf328a6d1b71354aa789a93443c
Malware Config
Extracted
Family: darkcomet
Botnet: 777
C2:
mywin7man.ddns.net:400
mywin7man.p-e.kr:400
Mutex: DC_MUTEX-ETJWHM7
Attributes
InstallPath: windowscra.exe
gencode: Pi9Netx9cyRC
install: true
offline_keylogger: true
persistence: true
reg_key: MicroUpdate
Signatures
Darkcomet family
Files
b243cf67bf384a80b8de34c6e8b351bb3f6cbe2c24ef4c7168489ce0bde00e1d.exe windows x86