General
-
Target
79ad6abe442b9e7120ca8b44d9c5f4a187d67d27d25d7ce2be64f011431633a0
-
Size
544KB
-
Sample
211005-rt11saacel
-
MD5
70370dcb2ad41fb78d0439236518c6c2
-
SHA1
35d86808ab71511ca0aaf5268dad6644718d3eb3
-
SHA256
79ad6abe442b9e7120ca8b44d9c5f4a187d67d27d25d7ce2be64f011431633a0
-
SHA512
7d697c6a89c0b9b7eb57ba4df5feba4aeac410187187ab67779f8f300eb7f908925df62ef9b11923337f55b4a805ef68c719432caa3c880d1d26c63cd35fb0ee
Static task
static1
Behavioral task
behavioral1
Sample
79ad6abe442b9e7120ca8b44d9c5f4a187d67d27d25d7ce2be64f011431633a0.exe
Resource
win10v20210408
Malware Config
Extracted
darkcomet
Guest16
sommerishere.sytes.net:1678
ommerishere.sytes.net:1678
ommerishere.sytes.net:1679
DC_MUTEX-3YA4GBR
-
gencode
C8EBUD2QBFHF
-
install
false
-
offline_keylogger
true
-
password
likethat@123
-
persistence
false
Targets
Score
10/10
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-