General
-
Target
345415dbeda848892a070803785da5a40db03b7800cfa726bfbe7fed3c4136a2
-
Size
520KB
-
Sample
210922-qmv1hscgg3
-
MD5
9dbffc041eb423abdbcc46e05d99899d
-
SHA1
9224ed9c8521441e787dd232e18e859c9d555e72
-
SHA256
345415dbeda848892a070803785da5a40db03b7800cfa726bfbe7fed3c4136a2
-
SHA512
dc6d503da7c0f9ae66438fe8fd6edd83556109cdba643e050dbe51b0dd9aaf594e78eb7b97a7d3bf13a47ca7b12b7e2893bbca640365f93dd4288a13cebe8128
Malware Config
Targets
-
-
Target
345415dbeda848892a070803785da5a40db03b7800cfa726bfbe7fed3c4136a2
-
Size
520KB
-
MD5
9dbffc041eb423abdbcc46e05d99899d
-
SHA1
9224ed9c8521441e787dd232e18e859c9d555e72
-
SHA256
345415dbeda848892a070803785da5a40db03b7800cfa726bfbe7fed3c4136a2
-
SHA512
dc6d503da7c0f9ae66438fe8fd6edd83556109cdba643e050dbe51b0dd9aaf594e78eb7b97a7d3bf13a47ca7b12b7e2893bbca640365f93dd4288a13cebe8128
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-