General
Target: 645a6c93449bcfb3dbaa3c016e40daf590fcc125cb3243e0fe0f34b8f8e30d52
Size: 658KB
Sample: 220524-3q2zfscaa5
MD5: 98343399d5aac84bacbeddc5a3385836
SHA1: e1c7bb2b21d7f46de57c26b407235972b1a6e28a
SHA256: 645a6c93449bcfb3dbaa3c016e40daf590fcc125cb3243e0fe0f34b8f8e30d52
SHA512: 39a0daf741484e8bd692ab2abfec76f534ebb84ee72c41337d4499fba04c590da9fbd627a003038147a3dcf94b6198ab9f2cda52d480e7afd288a0f4fcc4471c
Behavioral task
behavioral1
Sample: 645a6c93449bcfb3dbaa3c016e40daf590fcc125cb3243e0fe0f34b8f8e30d52.exe
Resource: win7-20220414-en
Malware Config
Extracted
darkcomet
Sazan
tfghjgnjgn.duckdns.org:1604
DC_MUTEX-VAATB5Q
gencode: hQ6WqukjQ8KZ
install: false
offline_keylogger: true
persistence: false
Targets
Suspicious use of SetThreadContext