General

  • Target

    d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab

  • Size

    659KB

  • MD5

    5bfa0be4efc7ffb3b6e2cd63b78fbb5b

  • SHA1

    92031a89f86535db2085ed43dd8034e905169c6f

  • SHA256

    d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab

  • SHA512

    f797d3be2e3f99a621be6a0dcc0e4e1cb0bb3263192feae27828b5adf234e350d7adf84f383ef2adb6ccccce0a95a0f6e9a93601a57a48e5f35aed5f218f7130

Score
10/10

Malware Config

Extracted

  • Family

    darkcomet

  • Botnet

    Guest16

  • C2

    6.tcp.ngrok.io:19838

    6.tcp.ngrok.io:1604

  • Mutex

    DC_MUTEX-R7Y8PG9

Attributes

  • InstallPath

    Java/exe

  • gencode

    aE8nfjsgA5tn

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    Java

Signatures

Files

  • d35485fe44100a4643b22dc9ccaf443a4e98890710ee52701147e2144cf164ab
    .exe windows x86