General
Target: 7db758016ef62e6f59638c802a2864f02185fecb0376cb30cdec099eb5d68678
Size: 756KB
Sample: 220725-eymbzaefcp
MD5: a38605fad8fc3709658eda57d21d72ce
SHA1: 2b95162d9f5695ba00b3600b368ee397ef91ebf5
SHA256: 7db758016ef62e6f59638c802a2864f02185fecb0376cb30cdec099eb5d68678
SHA512: f03628a84d9e76b3be1131fcd6a5ab0606bfa1ce56d8ab4076b0e45c46ea3b5316e85a4adf868115183c02c05da6b1b1516e34e191ba0b52fb81fa714b48f0ab
Behavioral task: behavioral1
Sample: 7db758016ef62e6f59638c802a2864f02185fecb0376cb30cdec099eb5d68678.exe
Resource: win7-20220715-en
Malware Config
Extracted
darkcomet
Kolyan
127.0.0.1:1604
DC_MUTEX-AMRV1MW
gencode: cZcxYGR8DzKJ
install: false
offline_keylogger: true
persistence: false
Targets
Target: 7db758016ef62e6f59638c802a2864f02185fecb0376cb30cdec099eb5d68678
Checks computer location settings
Looks up country code configured in the registry, likely geofence.