General
Target: 60914de634edf999819750bfca780461b0ab9fa437b7a0df77bfdd60e6e703f4
Size: 325KB
Sample: 220731-ejq2lsgdek
MD5: 647b48a163ebc0d166c35bc46d7b836b
SHA1: fdba6640e4b1e72163fc98bec1fe7cdfabe65b76
SHA256: 60914de634edf999819750bfca780461b0ab9fa437b7a0df77bfdd60e6e703f4
SHA512: 502b8c264a987f06cee57a8394dc0adad48e263f40022f17856b06ff9066b122cb126377b084f125316c7b7427a5649905f0f93b0f3addf3b1fd2480f487b71c
Static task: static1
Behavioral task: behavioral1
Sample: PAYMENTCONFIRMATIONREQUEST092092992outputBC94F6F.exe
Resource: win7-20220715-en
Malware Config
Extracted
darkcomet
NEWPORT1
austin.mlbfan.org:2220
DC_MUTEX-T6TM293
gencode: gutLHsPCWP68
install: false
offline_keylogger: true
persistence: false
Targets
Target: PAYMENTCONFIRMATIONREQUEST092092992outputBC94F6F.exe
Size: 1.5MB
MD5: 0bdb26ca33bd21c9426be99b13227817
SHA1: c1db7ee7509179c95ba1fe81c1f438995b6d7dcb
SHA256: 81be337ebb002a63ff0fff2c30060d91d9b07998e39b740a2763ab5d5cec831a
SHA512: a9260ac1f768db12f49aadfc719ea4bf6a71131f6a8e4da8d54be99ab429ce1ba2b660db965b7fac0c4ca32e33c575b15ae7fbe2e4699eb1bf08e1a9cf726ed8
Suspicious use of SetThreadContext