General
-
Target
275b17f24605e6a8d95ab23b997c25e35bc2698d44d592e0f922838cff2dfb62
-
Size
1.4MB
-
Sample
220708-yrpy3ahcg7
-
MD5
05e353e585a4e63210b1033ea634e546
-
SHA1
3a08eb45f5728b7e3ca079064a22689c073db4cc
-
SHA256
275b17f24605e6a8d95ab23b997c25e35bc2698d44d592e0f922838cff2dfb62
-
SHA512
3269104b839c0e8361667f316278f8f77890bc080927b4d077ca93ecbaf7a090e463686a6f5a0f9f8a4c1a1e9575f6d08ad879f48f41e345dfbb2c8453599f1e
Behavioral task
behavioral1
Sample
275b17f24605e6a8d95ab23b997c25e35bc2698d44d592e0f922838cff2dfb62.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
275b17f24605e6a8d95ab23b997c25e35bc2698d44d592e0f922838cff2dfb62.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
darkcomet
Guest16
darckjustcom.ddns.net:1604
DC_MUTEX-VRT41D8
-
InstallPath
MSDCSC\Java
-
gencode
Ekz53GUkqBDk
-
install
true
-
offline_keylogger
true
-
persistence
false
-
reg_key
svchost
Targets
-
-
Target
275b17f24605e6a8d95ab23b997c25e35bc2698d44d592e0f922838cff2dfb62
Score
10/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-