General
-
Target
0e88801eda127156d4c54457ebf6e283c46c2f3f9afe001c20820afb27a1a925
-
Size
658KB
-
Sample
221011-k9s7jsfgb8
-
MD5
56964a965da08db5ee1b7fe60d4cff33
-
SHA1
268afb89b0efbd938ccd87a372e890df1ab99383
-
SHA256
0e88801eda127156d4c54457ebf6e283c46c2f3f9afe001c20820afb27a1a925
-
SHA512
455bc090271e7792a32b831d3a964c73b45af3a651912aed8ce55066454d4302d62fb5773fe1eba24602d48f02d12c422181b528cb955a096c98656b308a82f0
-
SSDEEP
12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h0:OZ1xuVVjfFoynPaVBUR8f+kN10EBy
Behavioral task
behavioral1
Sample
0e88801eda127156d4c54457ebf6e283c46c2f3f9afe001c20820afb27a1a925.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
exe
amsrafik.no-ip.biz:1604
DC_MUTEX-RXHBBQD
-
gencode
QeWYnQnEyjw2
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
0e88801eda127156d4c54457ebf6e283c46c2f3f9afe001c20820afb27a1a925
-
Suspicious use of SetThreadContext
-