General
Target: 5f4a2e223d827a6d3a517767d8ee477de0948985c4fc748593529886b8240651
Size: 910KB
Sample: 220731-v6gpfshef8
MD5: 3b165b5c042b776c6f666ade069d010e
SHA1: ccb3829d6499ef5e13e0b7a415ab7e4167127521
SHA256: 5f4a2e223d827a6d3a517767d8ee477de0948985c4fc748593529886b8240651
SHA512: ea6ebea9cbdd60568033f9f07a985e6842acca1fbce7770588c7c9bde1d6bff4e15ba080c57b8bba55c772b2e8142aba1bb22219e68afbbd32d4279da4128eab
Static task: static1
Behavioral task: behavioral1
Sample: 5f4a2e223d827a6d3a517767d8ee477de0948985c4fc748593529886b8240651.exe
Resource: win7-20220715-en
Malware Config
Extracted
darkcomet
Guest16
46.32.156.196:1604
DC_MUTEX-VFSZXPA
gencode: 2zVGoXqPrq9K
install: false
offline_keylogger: true
persistence: false
Targets
Modifies firewall policy service
Modifies security service
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Suspicious use of SetThreadContext