General
-
Target
5f658d272e0f940451890bcb0d15aea2839df2bd1bf59bb004f42e591926b28d
-
Size
662KB
-
Sample
221019-2pvnbabgbp
-
MD5
915cdf286ecfee093a31b737f22b43e0
-
SHA1
902ca851fb183ae8d0d17b8bd17509e81f939583
-
SHA256
5f658d272e0f940451890bcb0d15aea2839df2bd1bf59bb004f42e591926b28d
-
SHA512
2622b8d105f17c80b1590f1ea43bbbb09644300546c381b6dc08ab86541d99b9b8d2d0d5be5296af5ff2d4c8a8ab86a0c0836bd07e54916c35fae557465148eb
-
SSDEEP
12288:xiShEbFEGI58aLqN5YRNnZd6lQghXJuUzFbPHhyRgGhhahcjgmFijdbtDFZ/:sSiktLqGdY5W/
Static task
static1
Behavioral task
behavioral1
Sample
5f658d272e0f940451890bcb0d15aea2839df2bd1bf59bb004f42e591926b28d.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
darkcometger.zapto.org:21
DC_MUTEX-M0EUZ5H
-
gencode
kDadR43787yc
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
Target
5f658d272e0f940451890bcb0d15aea2839df2bd1bf59bb004f42e591926b28d
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-