General
-
Target
48c318b8647d5dc9b50edfb08029469253488d3ee3a550566ebd627c2d026b94
-
Size
794KB
-
Sample
221126-qfmesshh2x
-
MD5
bfdd64eac3e32996a815d0f1c6d4c692
-
SHA1
dc73f585c095891c8845246fa63188b8bc9641fc
-
SHA256
48c318b8647d5dc9b50edfb08029469253488d3ee3a550566ebd627c2d026b94
-
SHA512
425b0c1857a7f52176b4420cb1d2d996f788122898a1ddaa5fbd7a4641e5d1cba0169bfd2e38fdb67a53a98e8d04db0b5b5da14f01ac203a744945b01d65a325
-
SSDEEP
24576:yEZNRsdMGxCM6MS+eo8h99opIeEu+ouOWPQ:rRtGd6fo8b9xeTJqQ
Behavioral task
behavioral1
Sample
48c318b8647d5dc9b50edfb08029469253488d3ee3a550566ebd627c2d026b94.exe
Resource
win7-20221111-en
Malware Config
Extracted
Family: darkcomet
Botnet / campaign ID: Guest16
C2: niekjannssen.no-ip.biz:1604
Mutex: DC_MUTEX-210MFEF
-
gencode
GyGRnPYl6veT
-
install
false
-
offline_keylogger
true
-
password
123456
-
persistence
false
Targets
-
-
Target
48c318b8647d5dc9b50edfb08029469253488d3ee3a550566ebd627c2d026b94
-
Size
794KB
-
MD5
bfdd64eac3e32996a815d0f1c6d4c692
-
SHA1
dc73f585c095891c8845246fa63188b8bc9641fc
-
SHA256
48c318b8647d5dc9b50edfb08029469253488d3ee3a550566ebd627c2d026b94
-
SHA512
425b0c1857a7f52176b4420cb1d2d996f788122898a1ddaa5fbd7a4641e5d1cba0169bfd2e38fdb67a53a98e8d04db0b5b5da14f01ac203a744945b01d65a325
-
SSDEEP
24576:yEZNRsdMGxCM6MS+eo8h99opIeEu+ouOWPQ:rRtGd6fo8b9xeTJqQ
-
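Suspicious use of SetThreadContext
(Sandbox behavioural signature: the sample called the Windows SetThreadContext API, which is commonly associated with injecting code into another process. This excerpt does not show the affected process, so check the full behavioural1 report before treating it as confirmed injection.)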
-