General
-
Target
a01097d70197391ad6ec307f0f91b5562826c3a719df9f5f9d24887c6b70f79c
-
Size
251KB
-
Sample
221014-l2z6kaadd9
-
MD5
4c5edf1a31eeb64ee48f0159d9d98fb0
-
SHA1
2f7bac6ca8d7b1cf65b6917d2b8b4b17ae25f62b
-
SHA256
a01097d70197391ad6ec307f0f91b5562826c3a719df9f5f9d24887c6b70f79c
-
SHA512
6bbb3c7a119f6b38deb2d2f25d770f26b49f02a9f69a5318bdc5739ae9c8295a822580bc6b9e3e58ca464ffb5dcdac8c9a9ca82768064b0d5fd282c3d608f1f6
-
SSDEEP
6144:fcNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37+:fcW7KEZlPzCy37
Behavioral task
behavioral1
Sample
a01097d70197391ad6ec307f0f91b5562826c3a719df9f5f9d24887c6b70f79c.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
johy
johnybooy.no-ip.biz:1604
DC_MUTEX-UTSMXUR
-
gencode
P0LMN55KUSk7
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
a01097d70197391ad6ec307f0f91b5562826c3a719df9f5f9d24887c6b70f79c
-
Size
251KB
-
MD5
4c5edf1a31eeb64ee48f0159d9d98fb0
-
SHA1
2f7bac6ca8d7b1cf65b6917d2b8b4b17ae25f62b
-
SHA256
a01097d70197391ad6ec307f0f91b5562826c3a719df9f5f9d24887c6b70f79c
-
SHA512
6bbb3c7a119f6b38deb2d2f25d770f26b49f02a9f69a5318bdc5739ae9c8295a822580bc6b9e3e58ca464ffb5dcdac8c9a9ca82768064b0d5fd282c3d608f1f6
-
SSDEEP
6144:fcNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37+:fcW7KEZlPzCy37
-
Suspicious use of SetThreadContext
-