General
Target: bb91821b2eb572a4daafeaae2dedf518abe9c07104fe96f2c6281f123ad161d0
Size: 759KB
Sample: 221021-hlkt6agch4
MD5: 5a8b8f6969ad1562fa7429de7da84ac0
SHA1: b7fd78d674bd0c72a685fb3c8957118c6bc9d5e3
SHA256: bb91821b2eb572a4daafeaae2dedf518abe9c07104fe96f2c6281f123ad161d0
SHA512: a8aa1ea5a7b6ec10d75d9179f8e51b3c2be6a4acf86524e326ea1c6207a99f4ed5ce05a2ea7b1f405d4ce88db6fc27c2ce1d86fbfe482d0cdbe1416dc353364e
SSDEEP: 12288:awoEPOA85/98nxvUy96snJFHyVKMsYghTsKi1033G6366G7pkz8fdjzfJpFSa2jf:/S5OnjAuSVKvPhTsKiIi6p81PEjf
Static task: static1
Behavioral task: behavioral1
  Sample: bb91821b2eb572a4daafeaae2dedf518abe9c07104fe96f2c6281f123ad161d0.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: bb91821b2eb572a4daafeaae2dedf518abe9c07104fe96f2c6281f123ad161d0.exe
  Resource: win10v2004-20220812-en
Malware Config
Extracted: darkcomet
  Infected
  saerchap.no-ip.biz:1604
  DC_MUTEX-TBLTDNE
  gencode: 0y0oASJgFJ6Q
  install: false
  offline_keylogger: true
  persistence: false
Targets
Score: 10/10
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext