General

  • Target

    38683526d66ace16fb35c9c177b71ae91fe457e3bd65b195a89cc64b8870e30e

  • Size

    728KB

  • MD5

    9175686e2c8283f5777a4d7835c18bf0

  • SHA1

    8608b83bf93e1559951dd6f5a45b966ac6cbe8a4

  • SHA256

    38683526d66ace16fb35c9c177b71ae91fe457e3bd65b195a89cc64b8870e30e

  • SHA512

    1a6d50607f400a3a61e53c38cf3910447714de95e0da41355b323de304e987c368c7aaff3bd6b35ca0dd2f6edf686c11fc11311bfab61badba1baa9ed6188c70

  • SSDEEP

    12288:N9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLd9EkNC/:nZ1xuVVjfFoynPaVBUR8f+kN1PEd

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

hossamamin.no-ip.biz:1604

Mutex

DC_MUTEX-MT0SXVH

Attributes
  • gencode

    zlZ986FnEe8D

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 38683526d66ace16fb35c9c177b71ae91fe457e3bd65b195a89cc64b8870e30e
    .exe windows x86

