General
Target: 5d6a551a0ad117a907bcd225ea0d97355b88063e472007d33e2e159cc635fc03
Size: 849KB
Sample: 210924-gvx1eagaf2
MD5: bf1bf48e54628cce8c27309c05a1edaf
SHA1: 28af1bd896e3fdf0f902af4948b48483e0c71193
SHA256: 5d6a551a0ad117a907bcd225ea0d97355b88063e472007d33e2e159cc635fc03
SHA512: 8138f0dc6880275ad6dce4e375b53078d5b83ba36d1796d20c4c06e63c436096fb40ffd4f68a72393052368c7a44c59e71581306402ba7b52d2a65ff86eb8bee
Behavioral task: behavioral1
Sample: 5d6a551a0ad117a907bcd225ea0d97355b88063e472007d33e2e159cc635fc03.exe
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: 5d6a551a0ad117a907bcd225ea0d97355b88063e472007d33e2e159cc635fc03.exe
Resource: win10-en-20210920
Malware Config
Extracted
darkcomet
Guest16
ffcdds.ddns.net:1604
DC_MUTEX-XETQG0J
InstallPath: MSDCSC\msdcsc.exe
gencode: urvT6qvyMSb0
install: true
offline_keylogger: true
persistence: false
reg_key: MicroUpdate
Targets
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application