General
-
Target
74a02200862782e88cccfbfa4a9accb9c6f963036471587d36748dea1cf2993d
-
Size
1.4MB
-
Sample
221003-3hdlwsccc5
-
MD5
57c70ac8a46540077bc85eb33ffceea4
-
SHA1
1eee0eac9cd92889c2e2485fc3930251024dca3a
-
SHA256
74a02200862782e88cccfbfa4a9accb9c6f963036471587d36748dea1cf2993d
-
SHA512
8ea27a248fcb878dece1ca23f79e244e8cdb7337f3186f3c922193cacba9910f8a3ff49bfe4f13941d7d286d464e54f229408b84f816c30df8579d4387faca86
-
SSDEEP
24576:v1A/bjvJyQiFqwqbKaWbxL+YthDNRjKZmbj6MUX/4bhMtwNyAGR619Z6awzwhbiG:v1ev98aWd/zRjKZjMUX/4b2twNyAVZ6a
Behavioral task
behavioral1
Sample
74a02200862782e88cccfbfa4a9accb9c6f963036471587d36748dea1cf2993d.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
178.118.159.7:2500
DC_MUTEX-KTLT5KQ
-
gencode
NGjrQs4d1gxe
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
74a02200862782e88cccfbfa4a9accb9c6f963036471587d36748dea1cf2993d
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-