Behavioral task
behavioral1
Sample
a03f3f9f48a88f30a6826f42bff8e45565d2c058abed4a83725af7db272b216b.exe
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
General
Target: a03f3f9f48a88f30a6826f42bff8e45565d2c058abed4a83725af7db272b216b
Size: 659KB
MD5: 1d8488e1531d6a0b880347ac3c90aa55
SHA1: 1240d4284b9a4d30b573cf3530a70cc109426051
SHA256: a03f3f9f48a88f30a6826f42bff8e45565d2c058abed4a83725af7db272b216b
SHA512: 765a2a9d7f365ebc9c9082ea24ab9c5256b1bc44aa13596fec69c082cf0ac4a320f05ee78d7cd3df43237ac1246719dfc01d571bdf34d272141a5fb572e6388a
Malware Config
Extracted
Family: darkcomet
Botnet: Sazan
C2: carbonkarlduckdns.org:1604
Mutex: DC_MUTEX-A82WM2C
Attributes
InstallPath: MSDCSC\msdcsc.exe
gencode: AYz297gj1pvL
install: true
offline_keylogger: true
persistence: false
reg_key: MicroUpdate
Signatures
Darkcomet family
Files
a03f3f9f48a88f30a6826f42bff8e45565d2c058abed4a83725af7db272b216b.exe windows x86