darkcomet | 67056cbd8a3692293a16c47271e78b92bb242e9c4e2bdd2026d8dd6f2f06814a | Triage

Sharing

General

Target

1924-74-0x0000000000400000-0x0000000000853000-memory.dmp
Size

4.3MB
Sample

221005-bg8l4adad2
MD5

f20afc5deb0109750aded3f0b4189ba1
SHA1

60b6a03ce7bbb986955ea7d6dadaaa99952349f6
SHA256

67056cbd8a3692293a16c47271e78b92bb242e9c4e2bdd2026d8dd6f2f06814a
SHA512

2b19d81ae9dcf1124cd361b5e375892795dcce5420b0e96c4621d848bd13878785a704a6d1509a7187458157dcd3ca46ea568c0d87708d81438bdbd85f190425
SSDEEP

98304:8QU/PUMczSwPp0UMAKZd2SEQUMCZOr1ECUMmZOr1EOUMO0ZuLVEAUMSZpq2E:8QuXrAsd2SEG0Or1EswOr1E4JuLVEWEa

Score

10^/10

darkcomet new-july-july4-02 upx

Malware Config

Extracted

Family

darkcomet

Botnet

New-July-July4-02

C2

dgorijan20785.hopto.org:35800

Mutex

DC_MUTEX-JFYU2BC

Attributes

gencode
UkVkDi2EZxxn
install
false
offline_keylogger
true
password
hhhhhh
persistence
false

Targets

- Target
  
  1924-74-0x0000000000400000-0x0000000000853000-memory.dmp
- Size
  
  4.3MB
- MD5
  
  f20afc5deb0109750aded3f0b4189ba1
- SHA1
  
  60b6a03ce7bbb986955ea7d6dadaaa99952349f6
- SHA256
  
  67056cbd8a3692293a16c47271e78b92bb242e9c4e2bdd2026d8dd6f2f06814a
- SHA512
  
  2b19d81ae9dcf1124cd361b5e375892795dcce5420b0e96c4621d848bd13878785a704a6d1509a7187458157dcd3ca46ea568c0d87708d81438bdbd85f190425
- SSDEEP
  
  98304:8QU/PUMczSwPp0UMAKZd2SEQUMCZOr1ECUMmZOr1EOUMO0ZuLVEAUMSZpq2E:8QuXrAsd2SEG0Or1EswOr1E4JuLVEWEa
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

upxnew-july-july4-02darkcomet

behavioral1

behavioral2