General
-
Target
28254c048dfaf66d91494ba8e64ae6261e9e370e35a9b2247fb909752f1f139d
-
Size
544KB
-
Sample
211005-wx8l9aaedr
-
MD5
91f1d5a814360fab1ebd14511c1cca2d
-
SHA1
50c022e41a38d44cdd2cfed66477b6206d291b7f
-
SHA256
28254c048dfaf66d91494ba8e64ae6261e9e370e35a9b2247fb909752f1f139d
-
SHA512
6ce276036fefc34129869d57c3832e405bac772bf2d5895074d69098c97d0dd020ef1b30f440c92c7760fc479f1a0cd8a80d61e45c8470b9ed4460c882ce74d3
Static task
static1
Behavioral task
behavioral1
Sample
28254c048dfaf66d91494ba8e64ae6261e9e370e35a9b2247fb909752f1f139d.exe
Resource
win10v20210408
Malware Config
Extracted
darkcomet
Guest16
sommerishere.sytes.net:1678
ommerishere.sytes.net:1678
ommerishere.sytes.net:1679
DC_MUTEX-3YA4GBR
-
gencode
C8EBUD2QBFHF
-
install
false
-
offline_keylogger
true
-
password
likethat@123
-
persistence
false
Targets
Target
28254c048dfaf66d91494ba8e64ae6261e9e370e35a9b2247fb909752f1f139d
Score
10/10
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-