Behavioral task: behavioral1
Sample: cee4e670f5caa5f4da865a0d00549f261382aa383c0debc1f7a4d0cd183ddd9e.exe
Resource: win7-en-20210920
windows7_x64
0 signatures
0 seconds
General
Target: cee4e670f5caa5f4da865a0d00549f261382aa383c0debc1f7a4d0cd183ddd9e
Size: 690KB
MD5: 723baed58f250509d277de75a3178be8
SHA1: d5c190e5acb7f4e8d9f6286e4f48fa9bfcd1325c
SHA256: cee4e670f5caa5f4da865a0d00549f261382aa383c0debc1f7a4d0cd183ddd9e
SHA512: 01af4ae85aad93e59cc93f82f82c2fc8f7b4f9166a7abdcb32b85dfd417dd379064aead960746b51d0f147fdec64ea261470de31e6fb67add96836a0651c954b
Malware Config
Extracted
Family: darkcomet
Botnet: Guest16
C2: fantomazzz.ddns.net:1604
Mutex: DC_MUTEX-H4MJNYC
Attributes
InstallPath: MSDCSC\msdcsc.exe
gencode: zASJD9aEWq6M
install: true
offline_keylogger: true
persistence: true
reg_key: MicroUpdate
Signatures
Darkcomet family
Files
cee4e670f5caa5f4da865a0d00549f261382aa383c0debc1f7a4d0cd183ddd9e.exe windows x86