General

  • Target

    1e7b817be34945063ebd8fff3bf247ab8b808a9a2b114dfee3b4d1d2e1f54d61

  • Size

    756KB

  • MD5

    0b035ad3a6618cb2fb8829797e172ef7

  • SHA1

    4e30d859055dda0e4e40558c1e89de966d769ee6

  • SHA256

    1e7b817be34945063ebd8fff3bf247ab8b808a9a2b114dfee3b4d1d2e1f54d61

  • SHA512

    0347c04e8a79667bd150db353aa7870bf15eaa18159dea57e321756f43326ea6321d43ae53a26dd6d996c44afbb824e95f11f8ee270641e86f99644fdeedaa48

  • SSDEEP

    12288:f9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hUu:JZ1xuVVjfFoynPaVBUR8f+kN10EBKu

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

DOS

C2

5.248.21.138:1604

Mutex

DC_MUTEX-9M7JSB6

Attributes
  • InstallPath

    MSDCSC\startup.exe

  • gencode

    EJU3J6w4J0PM

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Signatures

Files

  • 1e7b817be34945063ebd8fff3bf247ab8b808a9a2b114dfee3b4d1d2e1f54d61
    .exe windows x86

    e5b4359a3773764a372173074ae9b6bd

