General

  • Target

    2088-330-0x0000000000400000-0x00000000004B7000-memory.dmp

  • Size

    732KB

  • MD5

    6656edb398c7239a16906de0f80dd037

  • SHA1

    6c696918a61a9be3592d3caee4ceea70dd09b3e3

  • SHA256

    fb0fa16f7e6a417fdaa3430691431fe27d662a991c9dfc8b69ca6dddc14ddf60

  • SHA512

    23586cda74c2ee57511dd2cc7fda58d9701e5dcb85a1304808cf85aad9a7859841d2cc9f623b5e26b2e9e2dc13ce5bc49ccd9339ebdcf67aa89d3c0129d3f5ed

  • SSDEEP

    12288:5cH9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9EkZQ/:6Z1xuVVjfFoynPaVBUR8f+kN10EL

Malware Config

Extracted

  • Family

    darkcomet

  • Botnet

    New-July-July4-0

  • C2

    45.74.4.244:35800

  • Mutex

    DC_MUTEX-RT27KF0

Attributes

  • gencode

    cKUHbX2GsGhs

  • install

    false

  • offline_keylogger

    true

  • password

    hhhhhh

  • persistence

    false

Signatures

  • Darkcomet family
  • UPX packed file 1 IoCs

    Detects executables packed with the UPX open-source packer or a modified variant of it.

Files

  • 2088-330-0x0000000000400000-0x00000000004B7000-memory.dmp
    .exe windows x86
