General
-
Target
d33390c1548497b6fad0f78111db2acf578ee41531336611c0b6cc6611a9cebc
-
Size
521KB
-
Sample
210908-k4gxbshdbr
-
MD5
395fa99254a783e8592dcecdaa465140
-
SHA1
587f1cc23c522eb2d0be6ab62a03bdd23df423a3
-
SHA256
d33390c1548497b6fad0f78111db2acf578ee41531336611c0b6cc6611a9cebc
-
SHA512
3095d3f673ffcaf69193189ebc159bccce4e0ed1a3d8188d5424ed0251bcf95ac3d7a9555e84dbcb52de37f234f568764737da2dab7f5ea56dbd9a553b95a235
Malware Config
Targets
-
-
Target
d33390c1548497b6fad0f78111db2acf578ee41531336611c0b6cc6611a9cebc
-
Size
521KB
-
MD5
395fa99254a783e8592dcecdaa465140
-
SHA1
587f1cc23c522eb2d0be6ab62a03bdd23df423a3
-
SHA256
d33390c1548497b6fad0f78111db2acf578ee41531336611c0b6cc6611a9cebc
-
SHA512
3095d3f673ffcaf69193189ebc159bccce4e0ed1a3d8188d5424ed0251bcf95ac3d7a9555e84dbcb52de37f234f568764737da2dab7f5ea56dbd9a553b95a235
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-