General
-
Target
b1037141c35543b2c9df4b065317650808355a40fc48572b058105019d7021fa
-
Size
695KB
-
Sample
221001-3t48zscea2
-
MD5
b98b945b653e2d696223e0910a7cc49a
-
SHA1
24ae9191c32046ebc02c0b5a00966f28cfa68913
-
SHA256
b1037141c35543b2c9df4b065317650808355a40fc48572b058105019d7021fa
-
SHA512
c6af8398f78c7a5827e3e99fbc86b4c96d1c7a2a0245059afd7ab2580f744918a21b25fe8752076cb1a99a60647b83dd264cecac0486aa599ea221d33950d3da
-
SSDEEP
12288:W9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hTa:yZ1xuVVjfFoynPaVBUR8f+kN10EBha
Behavioral task
behavioral1
Sample
b1037141c35543b2c9df4b065317650808355a40fc48572b058105019d7021fa.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
darkcometlucahax.no-ip.org:1604
DC_MUTEX-W9VMV9J
-
gencode
X5Yxx1LWmWj5
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-