General
-
Target
deneee.bin
-
Size
658KB
-
Sample
220618-v2jm9aacbk
-
MD5
6663d3f6afcb01729e9fb7e9e245c1ee
-
SHA1
1b7be88046e58cdbb664dfbbfd52727ce3d5d395
-
SHA256
9434bc83bcf91eea11ec4994e62bf69d123a43106013f3e67ec1e67382fac0ae
-
SHA512
6859a85eb5fd913dd682ec97df13ebcd9c881037509233adccfe78b7c9b8219ac70575c82f6eb4a65ac5667eeb7dee29a6964dc4d1baa685d40cbac75391a58a
Behavioral task
behavioral1
Sample
deneee.exe
Resource
win7-20220414-en
Malware Config
Extracted
darkcomet
Sazan
4.tcp.ngrok.io:14402
DC_MUTEX-LQH9MR9
-
gencode
r4dACsw8cUmQ
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Target
deneee.bin
-
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-