General
Target: 9ba8ddb94adc8f7e935ee4ce266a868d217840d0d42bcb9c3d6615cef9884f14
Size: 358KB
Sample: 220516-x21mwagbej
MD5: 6142cafaf1d992806a02afb9bc331530
SHA1: 2145b7fa5bc1d954d8a151bdf4380996dd220d89
SHA256: 9ba8ddb94adc8f7e935ee4ce266a868d217840d0d42bcb9c3d6615cef9884f14
SHA512: 7addc5880adbb33303cbfeb555a677f783cd5b2866e1aa8f1cbf65c60e931f83afe29e98974efe98bfa0f21b0de324adf18734d7fe007b2e84876df575e8f012
Behavioral task: behavioral1
Sample: 9ba8ddb94adc8f7e935ee4ce266a868d217840d0d42bcb9c3d6615cef9884f14.exe
Resource: win7-20220414-en
Malware Config
Extracted
darkcomet
Slaves
82.102.24.251:21995
DC_MUTEX-02XFUF4
gencode: l8pBW5ke5gRG
install: false
offline_keylogger: true
persistence: false
Targets
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Checks computer location settings
Looks up country code configured in the registry, likely geofence.