General

  • Target

    60052b3ac07aa83c31aea92b33a24d86b26c6d684e505aec5117c3dabebfaa02

  • Size

    265KB

  • MD5

    aa62d4cd3775fc75fc22c4f4a6833626

  • SHA1

    03ce2c205b38c58d94b005336c648720ae2b5ef7

  • SHA256

    60052b3ac07aa83c31aea92b33a24d86b26c6d684e505aec5117c3dabebfaa02

  • SHA512

    f3aeca42a8883a60a2c0ec93721da1df5a177c1085380de631bb5ccc3948c58561e022d5f709dd3eba1b59a29a1cd54eee41562de91442da941cbb521b27b784

  • SSDEEP

    6144:NtjMMVn4/9FnVPDwdKwTkvCMGsetl93CV2zSXiSGAw+OIod:XQMVn4VFVPkdPhZwO8aZIod

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Extreme

C2

k1ll3rs0m3th1ng.ddns.net:1605

Mutex

DC_MUTEX-T0JZP9U

Attributes
  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    QKrpda9N1q7r

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Signatures

  • Darkcomet family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 60052b3ac07aa83c31aea92b33a24d86b26c6d684e505aec5117c3dabebfaa02
    .rar
  • Facebook Hack Tool 1.4.exe
    .exe windows x86



  • out.upx
    .exe windows x86

