General

  • Target

    2e15ef27dc6e9b414c7cb2cf9ae5ce50f13f889461442c33f3128b569ede31bf

  • Size

    807KB

  • MD5

    1b65c2a3c7627597b54d16d3f1b80418

  • SHA1

    383a0d1115b33a50e7c8e9875155e9033a37c8c0

  • SHA256

    2e15ef27dc6e9b414c7cb2cf9ae5ce50f13f889461442c33f3128b569ede31bf

  • SHA512

    b7ae5b9df4758c5638a332a8896292aa0e567f0253fd8f4bbb178feb0544085889972605b49baf1e8432ab944881aad69d64a9d64968a89dee2a7ab3b9abd381

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Sazan

C2

0.tcp.ngrok.io:14298

Mutex

DC_MUTEX-03KLHJJ

Attributes
  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    JmWdVpbgJaAR

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Files

  • 2e15ef27dc6e9b414c7cb2cf9ae5ce50f13f889461442c33f3128b569ede31bf
    .exe windows x86