General
Target: 4eb0e9fe8a9f823d5498797b99c0d7c21a2cc4cfdf7808560040b2116b9dd452
Size: 439KB
Sample: 220720-vbld6abfh6
MD5: 7970df345b3ee305ac6b4b028ee1d552
SHA1: d0c2b3ae5b4fad875a24fb80786797366647151b
SHA256: 4eb0e9fe8a9f823d5498797b99c0d7c21a2cc4cfdf7808560040b2116b9dd452
SHA512: 214c2dbb52d82aae810327e9f8d20594db3aa89fb1b2ae5d0d639a5a9cf554dc56dc1b8dd22a6d82b489cdd17345990519ec9deb12e9dda3e24c7843c5cb8f75
Static task: static1
Behavioral task: behavioral1
Sample: 4eb0e9fe8a9f823d5498797b99c0d7c21a2cc4cfdf7808560040b2116b9dd452.exe
Resource: win7-20220715-en
Malware Config
Extracted
darkcomet
Guest16
minsuport.duckdns.org:3333
DC_MUTEX-TZSLN7R
gencode: KexhufRKN03t
install: false
offline_keylogger: true
persistence: false
Targets
Target: 4eb0e9fe8a9f823d5498797b99c0d7c21a2cc4cfdf7808560040b2116b9dd452
Drops startup file
Suspicious use of SetThreadContext