General
Target: 6e309f91bda425f0ed2cea66c1f3fd954f68db4c2d948df51b3516ab3f83146d
Size: 1.2MB
Sample: 221003-rqggzaahgm
MD5: 6db68fd708c703cd425fe8b3f6d07c60
SHA1: 238dc0b0b8746bb7d9027963dfc45d17d4108b08
SHA256: 6e309f91bda425f0ed2cea66c1f3fd954f68db4c2d948df51b3516ab3f83146d
SHA512: a2f3012b83990d967a682c1acd6c92123b121f3b2a9faaf9fa44ca097dcf8dd394aa1b704237dd1e763e27005200a75c42dcfaa86bdbc8f1974e4f1bad74ea3e
SSDEEP: 24576:5vOTggIRfmQX3zRYC6FVZPv+FWe4YsVEz:tjYlDZ3+UTVEz
Static task: static1
Behavioral task: behavioral1
Sample: 6e309f91bda425f0ed2cea66c1f3fd954f68db4c2d948df51b3516ab3f83146d.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 6e309f91bda425f0ed2cea66c1f3fd954f68db4c2d948df51b3516ab3f83146d.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
darkcomet
Guest16
bzhacker.no-ip.biz:1604
bzhacker.no-ip.biz:110
bzhacker.no-ip.biz:84
DC_MUTEX-92K99GS
InstallPath: MSDCSC\msdcsc.exe
gencode: kLepfPEBxSqW
install: true
offline_keylogger: true
persistence: true
reg_key: MicroUpdate
Targets
Target: 6e309f91bda425f0ed2cea66c1f3fd954f68db4c2d948df51b3516ab3f83146d
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext