General
-
Target
3bcd710396553dce718e179868b397a4659bce918f796ceadce61822d7f01c4b
-
Size
251KB
-
Sample
221001-3nfy7sddhj
-
MD5
7311b5a44dfce7fb05fbb7a9af3f9e40
-
SHA1
6580b99ed6ce5ec2257aa7c81cdbe135257807a4
-
SHA256
3bcd710396553dce718e179868b397a4659bce918f796ceadce61822d7f01c4b
-
SHA512
05a6f5b5af3c409da7c3b435bfaa519f7aad7362d48b2152ae6a5e0d5f5e0c1f5f37655a41afa47dda771ed1865efb22f2a585702aa498c9a8ebacaa789ded03
-
SSDEEP
6144:NcNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37dh:NcW7KEZlPzCy37n
Behavioral task
behavioral1
Sample
3bcd710396553dce718e179868b397a4659bce918f796ceadce61822d7f01c4b.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
hnoo17.no-ip.biz:81
DC_MUTEX-QRJRZ13
-
gencode
iLoJ9nfDEXca
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
3bcd710396553dce718e179868b397a4659bce918f796ceadce61822d7f01c4b
-
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-