General
Target: 9512809ee16fe65b495b07482af36e84f4b7b3bf78988e3d215b222e0aeab4fd
Size: 1.1MB
Sample: 220524-s3xkdsgcb8
MD5: 0efaae568a2ed3caf0c5515042d15f7b
SHA1: e64669c03a8887ee98918274735a90a15455e323
SHA256: 9512809ee16fe65b495b07482af36e84f4b7b3bf78988e3d215b222e0aeab4fd
SHA512: 85f7224b6a282309c95968636f974ccf21d7d7bf6a6bc72f2c472f3bcf2f3fe7359f7f2b336e8cff6e85db0db5c067e45b6a637fd18c8d4ddc3e878d1b2e33de
Behavioral task: behavioral1
Sample: 9512809ee16fe65b495b07482af36e84f4b7b3bf78988e3d215b222e0aeab4fd.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 9512809ee16fe65b495b07482af36e84f4b7b3bf78988e3d215b222e0aeab4fd.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
darkcomet
Hack
127.0.0.1:1604
DC_MUTEX-XGQNJH5
gencode: q4tALXogPYaS
install: false
offline_keylogger: true
persistence: false
Targets
Target: 9512809ee16fe65b495b07482af36e84f4b7b3bf78988e3d215b222e0aeab4fd
-
Modifies firewall policy service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-