darkcomet | c4fe153ba3ee750132d82a39399df2cdaf2151588897e5bcfe9ee9616eec76c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4fe153ba3ee750132d82a39399df2cdaf2151588897e5bcfe9ee9616eec76c2
Size

659KB
Sample

221123-3rxfcsgc9w
MD5

5ec311cfedddd5ef6f0bf976f1a3ca40
SHA1

05964debaf7bb8fdb478512e7a4e498320ed571f
SHA256

c4fe153ba3ee750132d82a39399df2cdaf2151588897e5bcfe9ee9616eec76c2
SHA512

a470e15d527f19b3aea3a1fea32ac8a59091e57534776034a3f84a17385c90f9946a0dbeca7527e6ed7b54355edf59ba6ced2680e9d9a64383e31d26d4131e44
SSDEEP

12288:r9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hg:lZ1xuVVjfFoynPaVBUR8f+kN10EBe

Score

10^/10

darkcomet keriz

Malware Config

Extracted

Family

darkcomet

Botnet

keriz

C2

127.0.0.1:5205

timezone.twilightparadox.com:5205

Mutex

rmla�dnme<u27X-8BB081Y

Attributes

InstallPath
MSDCSC\msdcsc.exe
gencode
BUqp02JgoNec
install
true
offline_keylogger
true
password
benim5205
persistence
true
reg_key
NvidiaUpdate

Targets

- Target
  
  c4fe153ba3ee750132d82a39399df2cdaf2151588897e5bcfe9ee9616eec76c2
- Size
  
  659KB
- MD5
  
  5ec311cfedddd5ef6f0bf976f1a3ca40
- SHA1
  
  05964debaf7bb8fdb478512e7a4e498320ed571f
- SHA256
  
  c4fe153ba3ee750132d82a39399df2cdaf2151588897e5bcfe9ee9616eec76c2
- SHA512
  
  a470e15d527f19b3aea3a1fea32ac8a59091e57534776034a3f84a17385c90f9946a0dbeca7527e6ed7b54355edf59ba6ced2680e9d9a64383e31d26d4131e44
- SSDEEP
  
  12288:r9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hg:lZ1xuVVjfFoynPaVBUR8f+kN10EBe
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2