General
Target: 4db880d06d70679951f0a8596bdfdb680992ca504d76ec321d2e391bcead54c4
Size: 1.4MB
Sample: 220720-ys8skaaagm
MD5: d8e78b26af7ad29c66f5e9c1b8ef7bbc
SHA1: ae6f2f962b9163d3a09fc90ad7073a84492d4501
SHA256: 4db880d06d70679951f0a8596bdfdb680992ca504d76ec321d2e391bcead54c4
SHA512: 37329a82839a712518e8563ecd54213739cbf8a7b049666df31de164405e63719b401109ec849d00abb25bb65b874c7f13ff772b67c8349b3ca3ccdf59a95c85
Static task: static1
Behavioral task: behavioral1
  Sample: 4db880d06d70679951f0a8596bdfdb680992ca504d76ec321d2e391bcead54c4.exe
  Resource: win7-20220715-en
Behavioral task: behavioral2
  Sample: 4db880d06d70679951f0a8596bdfdb680992ca504d76ec321d2e391bcead54c4.exe
  Resource: win10v2004-20220414-en
Malware Config
Extracted: darkcomet
Botnet: MAGA GRACE
C2: tonero.hopto.org:1909
Mutex: DCMIN_MUTEX-J3ZFYZF
gencode: ApB1WE59rKFw
install: false
offline_keylogger: true
persistence: false
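As an added example that is not part of the sandbox report, the Python below turns the extracted DarkComet config into host and network indicators and runs them over a handful of constructed Sysmon-style event lines. The C2 hostname, port and mutex are the report's values; the "Type|key=value" event format, the sample events themselves, and the assumption that sibling builds of the family reuse the DCMIN_MUTEX- prefix with a different suffix are mine.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Fields copied from the "Malware Config / Extracted" block of the report.
DARKCOMET_CONFIG = {
    "family": "darkcomet",
    "botnet": "MAGA GRACE",
    "c2": "tonero.hopto.org:1909",
    "mutex": "DCMIN_MUTEX-J3ZFYZF",
    "gencode": "ApB1WE59rKFw",
    "install": False,
    "offline_keylogger": True,
    "persistence": False,
}

# Assumption (not stated in the report): other builds of the same family keep the
# DCMIN_MUTEX- prefix and only change the random suffix, so a prefix match is
# kept as a weaker, second signal next to the exact mutex from the config.
MUTEX_PREFIX_RE = re.compile(r"^(?:Local\\|Global\\)?DCMIN_MUTEX-[A-Z0-9]+$")


def c2_host_port(c2: str) -> tuple:
    """Split 'host:port' into a lower-cased hostname and an integer port."""
    host, _, port = c2.rpartition(":")
    if not host or not port.isdigit():
        raise ValueError(f"malformed C2 endpoint: {c2!r}")
    return host.lower(), int(port)


@dataclass(frozen=True)
class Indicators:
    mutex: str
    c2_host: str
    c2_port: int


def indicators_from_config(cfg: dict) -> Indicators:
    host, port = c2_host_port(cfg["c2"])
    return Indicators(mutex=cfg["mutex"], c2_host=host, c2_port=port)


def parse_event(line: str) -> dict:
    """Parse a constructed 'Type|k=v|k=v' record; the first field becomes 'type'."""
    kind, *pairs = line.strip().split("|")
    event = {"type": kind}
    for pair in pairs:
        key, _, value = pair.partition("=")
        event[key] = value
    return event


def match_event(event: dict, ind: Indicators) -> Optional[str]:
    """Return the reason an event matches the indicators, or None if it does not."""
    if event["type"] == "MutexCreate":
        name = event.get("name", "")
        bare = name.split("\\")[-1]  # drop a Local\ or Global\ namespace prefix
        if bare == ind.mutex:
            return "exact DarkComet mutex from extracted config"
        if MUTEX_PREFIX_RE.match(name):
            return "DarkComet-style mutex prefix (assumed family pattern)"
    elif event["type"] == "DnsQuery":
        if event.get("query", "").lower().rstrip(".") == ind.c2_host:
            return "DNS lookup of extracted C2 hostname"
    elif event["type"] == "NetworkConnect":
        if (event.get("dport") == str(ind.c2_port)
                and event.get("dhost", "").lower() == ind.c2_host):
            return "connection to extracted C2 host:port"
    return None


def scan_events(lines, ind: Indicators):
    """Return (pid, event type, reason) for every line that matches an indicator."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        reason = match_event(ev, ind)
        if reason:
            hits.append((ev.get("pid"), ev["type"], reason))
    return hits


def flagged_pids(lines, ind: Indicators):
    return sorted({pid for pid, _, _ in scan_events(lines, ind)})


# Constructed telemetry; these lines are not taken from the sandbox report.
SAMPLE_EVENTS = [
    "MutexCreate|pid=1234|name=DCMIN_MUTEX-J3ZFYZF",
    "DnsQuery|pid=1234|query=tonero.hopto.org",
    "NetworkConnect|pid=1234|dhost=tonero.hopto.org|dport=1909",
    "MutexCreate|pid=777|name=Local\\MSCTF.Asm.MutexDefault1",
    "NetworkConnect|pid=777|dhost=www.example.com|dport=443",
    "MutexCreate|pid=4321|name=DCMIN_MUTEX-ABC123",  # a different build, prefix only
]

if __name__ == "__main__":
    ind = indicators_from_config(DARKCOMET_CONFIG)
    for hit in scan_events(SAMPLE_EVENTS, ind):
        print(hit)
```

hopto.org is a dynamic-DNS domain, so the resolved address can change between runs; matching on the hostname and port together with the mutex is more durable than pinning an IP. Note also that the config's install and persistence flags are false while the behavioral run below still reports a dropped startup file, so observed telemetry rather than the static flags should drive any persistence hunt.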
Targets
Target: 4db880d06d70679951f0a8596bdfdb680992ca504d76ec321d2e391bcead54c4 (1.4MB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Score: 10/10
Signatures:
- Drops startup file
- Suspicious use of SetThreadContext