Overview

overview

10

Static

static

10

b243cf67bf...1d.exe

windows7_x64

10

b243cf67bf...1d.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b243cf67bf384a80b8de34c6e8b351bb3f6cbe2c24ef4c7168489ce0bde00e1d

  • Size

    2.5MB

  • MD5

    5b5ac97705245c79b7dc5553ea9ef725

  • SHA1

    8c43d1de280dc53dad5c95d765ef78b52a81c62d

  • SHA256

    b243cf67bf384a80b8de34c6e8b351bb3f6cbe2c24ef4c7168489ce0bde00e1d

  • SHA512

    8715ae2dac65df613e5ad5715b4240a947597918caa890e4b1610166f73b75736fb536330d14e6a5fa1395f80fb37ea35aa98bf328a6d1b71354aa789a93443c

Score
10/10
777darkcomet

Malware Config

Extracted

Family

darkcomet

Botnet

777

C2

mywin7man.ddns.net:400

mywin7man.p-e.kr:400
Mutex

DC_MUTEX-ETJWHM7

Attributes
  • InstallPath

    windowscra.exe

  • gencode

    Pi9Netx9cyRC

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Signatures

Files

  • b243cf67bf384a80b8de34c6e8b351bb3f6cbe2c24ef4c7168489ce0bde00e1d
    .exe windows x86