General
Target: 619a89b25ff451282ac15cb9f2d1b65ae3be708af486d0cf93ab7de24ca70864
Size: 700KB
Sample: 220730-zf5e2sgcfm
MD5: 342eb181947548cb5470897f322580c7
SHA1: 3875c583deb9c3be016a75f573cfe3ee062a67dd
SHA256: 619a89b25ff451282ac15cb9f2d1b65ae3be708af486d0cf93ab7de24ca70864
SHA512: e4da115529384f38722b0e7bb7a78ee1b7158009a41ebbdea2dec40fb51614e6d8bcd8395e35f2d800a2e29fcfe4870fface085b74c746539b9dcf13423d9a13
Static task: static1
Behavioral task: behavioral1
Sample: 619a89b25ff451282ac15cb9f2d1b65ae3be708af486d0cf93ab7de24ca70864.exe
Resource: win7-20220718-en
Malware Config
Extracted
darkcomet
Guest18
127.0.0.1:1604
mitsosan.no-ip.biz:1604
DC_MUTEX-EK9DQ8H
gencode: V2uuLtV8CNMk
install: false
offline_keylogger: true
persistence: false
Targets
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-