darkcomet | lab_02_win10x64[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

lab_02_win...5b.exe

windows7_x64

8

lab_02_win...5b.exe

windows10_x64

8

lab_02_win...82.exe

windows7_x64

8

lab_02_win...82.exe

windows10_x64

8

lab_02_win...63.exe

windows7_x64

lab_02_win...63.exe

windows10_x64

lab_02_win...15.exe

windows7_x64

8

lab_02_win...15.exe

windows10_x64

8

lab_02_win...c7.exe

windows7_x64

8

lab_02_win...c7.exe

windows10_x64

8

Sharing

Static task

static1

guest16 darkcomet

Behavioral task

behavioral1

Sample

lab_02_win10x64/1e3966e77ad1cbf3e3ef76803fbf92300b2b88af39650a1208520e0cdc05645b.exe

Resource

win7v20210408

persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

lab_02_win10x64/1e3966e77ad1cbf3e3ef76803fbf92300b2b88af39650a1208520e0cdc05645b.exe

Resource

win10v20210410

persistence upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

lab_02_win10x64/6562e2ac60afa314cd463f771fcfb8be70f947f6e2b314b0c48187eebb33dd82.exe

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

lab_02_win10x64/6562e2ac60afa314cd463f771fcfb8be70f947f6e2b314b0c48187eebb33dd82.exe

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

lab_02_win10x64/6d34ded00c0da9887ba752872093f59c649de72a1f629a32014f5ed8be509363.exe

Resource

win7v20210408

darkcomet guest16 evasion persistence rat trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

lab_02_win10x64/6d34ded00c0da9887ba752872093f59c649de72a1f629a32014f5ed8be509363.exe

Resource

win10v20210410

darkcomet guest16 evasion persistence rat trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

lab_02_win10x64/a380617cf945ca35dbbc3d031bcc612f0dca96c1027a75003182ba5be2851215.exe

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

lab_02_win10x64/a380617cf945ca35dbbc3d031bcc612f0dca96c1027a75003182ba5be2851215.exe

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

lab_02_win10x64/b3b3bb519dd34a933a0b9920fa905ecaa5ce32c34871a29b5823a5b0fd4d9fc7.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

lab_02_win10x64/b3b3bb519dd34a933a0b9920fa905ecaa5ce32c34871a29b5823a5b0fd4d9fc7.exe

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

General

Target

lab_02_win10x64.zip
Size

1.4MB
MD5

016372049572bd04a23e50f131217627
SHA1

2b1276f7efcb94798d39e0913bb5ed63f1e8b720
SHA256

3d445366066d1c084f489995e476abe8e1204fa1918468868c4f90cabd2e5817
SHA512

fb139ec75a88edc271f974f6612ec176bcdb360e1e073fa288d550612d2c4a0a9c3993afc24c65146ca8c051655d03cc7e86d774e14ce72722206dc39df93e1d

Score

10^/10

guest16 darkcomet

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

test213.no-ip.info:1604

Mutex

DC_MUTEX-KHNEW06

Attributes

InstallPath
MSDCSC\runddl32.exe
gencode
F6FE8i2BxCpu
install
true
offline_keylogger
true
persistence
true
reg_key
MicroUpdate

Signatures

Darkcomet family
darkcomet

Files

lab_02_win10x64.zip
.zip

Password: infected
lab_02_win10x64/.DS_Store
lab_02_win10x64/1e3966e77ad1cbf3e3ef76803fbf92300b2b88af39650a1208520e0cdc05645b.exe
.exe windows x86
lab_02_win10x64/6562e2ac60afa314cd463f771fcfb8be70f947f6e2b314b0c48187eebb33dd82.exe
.exe windows x86
lab_02_win10x64/6d34ded00c0da9887ba752872093f59c649de72a1f629a32014f5ed8be509363.exe
.exe windows x86
lab_02_win10x64/a380617cf945ca35dbbc3d031bcc612f0dca96c1027a75003182ba5be2851215.exe
.exe windows x86
lab_02_win10x64/b3b3bb519dd34a933a0b9920fa905ecaa5ce32c34871a29b5823a5b0fd4d9fc7.exe
.exe windows x86

© 2018-2024

Terms | Privacy