General

  • Target

    3c17d5d457e03602779616efbaaefa8c2334a59fe8141e1c3112f2693925c0d8

  • Size

    658KB

  • MD5

    69052b314c9159d02b26907c43ac7de0

  • SHA1

    f66bd3ee690f8a09f6b319afb19a9224c19996a8

  • SHA256

    3c17d5d457e03602779616efbaaefa8c2334a59fe8141e1c3112f2693925c0d8

  • SHA512

    7337e32ac7928b0187c06902fb0655e40dfbd047aa159a105f5b829f026fec85fb51e4554d2e6ae350a79190f5b93cc5d1b24eb90d5c5e7d60ad6163b7194c8b

  • SSDEEP

    12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hS:eZ1xuVVjfFoynPaVBUR8f+kN10EBI

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

user

C2

facebookgizem.zapto.org:81

Mutex

DCMIN_MUTEX-MBEFXN2

Attributes
  • InstallPath

    DCSCMIN\IMDCSC.exe

  • gencode

    bPtXRZdlmffQ

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    DarkComet RAT

Signatures

Files

  • 3c17d5d457e03602779616efbaaefa8c2334a59fe8141e1c3112f2693925c0d8
    .exe windows x86

    e5b4359a3773764a372173074ae9b6bd

