General
-
Target
57d3a88fddfe1b7b95988d194d4b7f64e853ea1fff49598cb02d7bbd3f280727
-
Size
942KB
-
Sample
220919-xken3sgheq
-
MD5
202057a3fb246cac99492c8a454a940f
-
SHA1
4ab09c9640f8704a153f71ed40712f00d23c1f1b
-
SHA256
57d3a88fddfe1b7b95988d194d4b7f64e853ea1fff49598cb02d7bbd3f280727
-
SHA512
9d06ccb27cef9e62b14ef283516d95e80f5565dbc6b373939743ad4cf87d2ff489494d6ad54a6e861db0dd6de54457948a5d1847a7b0b9a5f26dd31ee7a96502
-
SSDEEP
24576:8uP6VnKsCoRr9QuA7kvtPwgc5atZS2V+Oy5AjG:8S6VFCoRr9nvzc5a7l+35aG
Behavioral task
behavioral1
Sample
57d3a88fddfe1b7b95988d194d4b7f64e853ea1fff49598cb02d7bbd3f280727.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
DC_MUTEX-URDF6WZ
-
gencode
adnxApz2Tci9
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
57d3a88fddfe1b7b95988d194d4b7f64e853ea1fff49598cb02d7bbd3f280727
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-