General
-
Target
0c71e6093bc6619be0915f156e4bae73c7a82edb97d81b36e94d321d6b558238
-
Size
728KB
-
Sample
221019-3lnahadcgm
-
MD5
90e29f3da7468b6999d7a553d60c8500
-
SHA1
d4a6bc081a5c7d5b866f94f17ab590170daa1893
-
SHA256
0c71e6093bc6619be0915f156e4bae73c7a82edb97d81b36e94d321d6b558238
-
SHA512
bc62f5fe8cd3790ce6dec077b4526982dde84692e9a0b71dbe0877f40906dd94425015ad30c9cf82e848f48c558f307a5d82533750e0e979cfa9c21b6bc4b0b4
-
SSDEEP
12288:L7iArVhsYv8Owh0voX0Vnbnv5AkxbhcbiUq8ClqulwvsHLZBO9X:L7T3Q0v2WRfbuuUqVIvIVSX
Static task
static1
Behavioral task
behavioral1
Sample
0c71e6093bc6619be0915f156e4bae73c7a82edb97d81b36e94d321d6b558238.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0c71e6093bc6619be0915f156e4bae73c7a82edb97d81b36e94d321d6b558238.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
darkcomet
Guest16_min
127.0.0.1:1604
DCMIN_MUTEX-VF5VAAH
-
gencode
DXEfTzvFoZfA
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Target
0c71e6093bc6619be0915f156e4bae73c7a82edb97d81b36e94d321d6b558238
-
Score
10/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-