General

  • Target

    7afba4c5e8d7bf5aa9c43315e290eea969b952b35d3c896d5eb14421a6800ffa

  • Size

    660KB

  • MD5

    0d57afa94f54f807f04290ec2d67cd87

  • SHA1

    d1bd0f41bdd780dd9f15556b9a4bd4c91d6d6875

  • SHA256

    7afba4c5e8d7bf5aa9c43315e290eea969b952b35d3c896d5eb14421a6800ffa

  • SHA512

    df44ef122102ae98673d691c41fcd137fa20f08d9c29d55d077ec416ac947b4a87a4b5f4ba9463c3d7be30d907fae306fb19ec366453f74e1ef7c5621af31c50

  • SSDEEP

    12288:kXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UO:ynAw2WWeFcfbP9VPSPMTSPL/rWvzq4J+

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

proto.no-ip.biz:1604

Mutex

VNET_MUTEX-CGA7W

Attributes
  • InstallPath

    Windows System Start\systemstart.exe

  • gencode

    zSS4wanDnlV6

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    Windows System Start

Signatures

Files

  • 7afba4c5e8d7bf5aa9c43315e290eea969b952b35d3c896d5eb14421a6800ffa
    .exe windows x86

    0476e7cb10dfdf778f67f55072917b7d

