Behavioral task: behavioral1
Sample: d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab.exe
Resource: win7-en-20210920
windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab.exe
Resource: win10v20210408
windows10_x64
0 signatures
0 seconds
General
Target: d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab
Size: 659KB
MD5: 5bfa0be4efc7ffb3b6e2cd63b78fbb5b
SHA1: 92031a89f86535db2085ed43dd8034e905169c6f
SHA256: d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab
SHA512: f797d3be2e3f99a621be6a0dcc0e4e1cb0bb3263192feae27828b5adf234e350d7adf84f383ef2adb6ccccce0a95a0f6e9a93601a57a48e5f35aed5f218f7130
Malware Config
Extracted
Family: darkcomet
Botnet: Guest16
C2: 6.tcp.ngrok.io:19838, 6.tcp.ngrok.io:1604
Mutex: DC_MUTEX-R7Y8PG9
Attributes
InstallPath: Java/exe
gencode: aE8nfjsgA5tn
install: true
offline_keylogger: true
persistence: true
reg_key: Java
Signatures
Darkcomet family
Files
d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab.exe windows x86