General
Target: csgocheats.bin
Size: 251KB
Sample: 220716-nqlj5sbef3
MD5: c005eb7f7944cbcd4d9d51ae29ef65d8
SHA1: b242d76d29366b738f7b440f3eb605da0fbad953
SHA256: 42cadb98f1c11097d4225b2362e6401fe0f824a252f678cc56f7f8ccc3aa864a
SHA512: 7fabd9d0cf5f19ec5239e4ae26b4ab68ca39d422030760abd18ec2872c70da842c403f16b32efd262933e212bd4c91e2a0545f8cf93ef5739e10c5471a38a1b9
Behavioral task: behavioral1
Sample: csgocheats.exe
Resource: win7-20220414-en
Malware Config
Extracted
darkcomet
Guest16
6.tcp.eu.ngrok.io:15880
6.tcp.eu.ngrok.io:1604
DC_MUTEX-0RVKWFZ
gencode: Bb0ltx0SSKFL
install: false
offline_keylogger: true
persistence: false
Targets
Target: csgocheats.bin
suricata: ET MALWARE Backdoor.Win32.DarkComet Screenshot Upload Successful
Suspicious use of SetThreadContext