General
Target: bbdec755964b8bf23a09498831dcca47.exe
Size: 656KB
Sample: 211006-lfb7lsahf5
MD5: bbdec755964b8bf23a09498831dcca47
SHA1: ba7b48208197ff675d03268e14f05ed7808c67bc
SHA256: 6d9c353dc658f47d47d01c5e58d60b562cea4f2d22c233ea46913d0b5596113a
SHA512: 600c4164a2147733e76faf0c69a2e921b006352f92eed60e4fad2cfd858964569524850c673af7494adafbcd3b2f78c0a0d7c0d2c6134c1580e5197665ad9441
Static task: static1
Behavioral task: behavioral1
Sample: bbdec755964b8bf23a09498831dcca47.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: bbdec755964b8bf23a09498831dcca47.exe
Resource: win10-en-20210920
Malware Config
Extracted
darkcomet
Guest16
sommerishere.sytes.net:1678
ommerishere.sytes.net:1678
ommerishere.sytes.net:1679
DC_MUTEX-3YA4GBR
gencode: C8EBUD2QBFHF
install: false
offline_keylogger: true
password: likethat@123
persistence: false
Targets
Target: bbdec755964b8bf23a09498831dcca47.exe
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext