Behavioral task
behavioral1
Sample
04C164391EFCEDD93B5C04DC137E8B80336265246FA15.exe
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
General
-
Target
04C164391EFCEDD93B5C04DC137E8B80336265246FA15.exe
-
Size
770KB
-
MD5
2f087c02e5a65fc3a150ba96ddde8a0f
-
SHA1
d8b02d1cd0d582b93866ea2e2da10cb148828566
-
SHA256
04c164391efcedd93b5c04dc137e8b80336265246fa15318a67d4b2d20bf257f
-
SHA512
86b078abb4270864802f0056c5657c82c2f375472d821fd888aa0252c10e270cba8beb5bc5063236d7c1192ccf573d7df7dec83ddf753638e96aa6d06f5c0edd
Malware Config
Extracted
Family
darkcomet
Botnet
Sazan
C2
marbeyli.duckdns.org:1604
Mutex
DC_MUTEX-D2KTVT9
Attributes
-
InstallPath
MSDCSC\svchost.exe
-
gencode
iGJFx2jaJsy3
-
install
true
-
offline_keylogger
true
-
persistence
false
-
reg_key
MicroUpdate
Signatures
Files
-
04C164391EFCEDD93B5C04DC137E8B80336265246FA15.exe.exe windows x86