General

  • Target

    5a699b7eadde82e36844e4eb946fc3ca20312328e7166a71e7e115706642a945

  • Size

    658KB

  • MD5

    0a35976180c666f3f57288d58f51a440

  • SHA1

    3cc2a4c4ea4007e0be0b80ce7b2bb02a14f0fa80

  • SHA256

    5a699b7eadde82e36844e4eb946fc3ca20312328e7166a71e7e115706642a945

  • SHA512

    421df068e0ba451340be1033d04e96b37ec635e0be5252eec7a1201b4f29eb19a2443d5af39e1388d34127864565ea0a8ef829adb7d2801f3ebeb403e84ee5bb

  • SSDEEP

    12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hi:eZ1xuVVjfFoynPaVBUR8f+kN10EBA

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

127.0.0.1:1604

Mutex

DCMIN_MUTEX-M02N4MN

Attributes
  • InstallPath

    DCSCMIN\IMDCSC.exe

  • gencode

    YeFV2aTnAwMs

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    DarkComet RAT

Signatures

Files

  • 5a699b7eadde82e36844e4eb946fc3ca20312328e7166a71e7e115706642a945
    .exe windows x86

    e5b4359a3773764a372173074ae9b6bd

