General
-
Target
27b100ab3073fc1b0b7459862930687aed91aa3fb1770e07472ac8a041fdb87f
-
Size
4.0MB
-
Sample
221126-rljfrsdb41
-
MD5
3b25dfdf3f89b0a1e161d442d1fd2227
-
SHA1
964cae96ec5364a84b13edaa305e4e3fb35fa208
-
SHA256
27b100ab3073fc1b0b7459862930687aed91aa3fb1770e07472ac8a041fdb87f
-
SHA512
cb0dcc230066c146926ffc158d47f48c33ba67970963ce72afcef3bb63166996e969f7d0318f6fb604fff54962cc8e934f55079bccec0f2a8f22e4e14ffef2d4
-
SSDEEP
24576:pVfxRoAIj5FBCQELbeNJDIe5uocMALTipn5yZ0h1j8KmGN2zbRtG23zxQ0atoYBq:9p
Behavioral task
behavioral1
Sample
27b100ab3073fc1b0b7459862930687aed91aa3fb1770e07472ac8a041fdb87f.doc
Resource
win7-20221111-en
Malware Config
Extracted
darkcomet
doc
67.242.194.118:1604
DC_MUTEX-W3TT9NP
-
gencode
QMYYWMGSMDbi
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
27b100ab3073fc1b0b7459862930687aed91aa3fb1770e07472ac8a041fdb87f
-
Size
4.0MB
-
MD5
3b25dfdf3f89b0a1e161d442d1fd2227
-
SHA1
964cae96ec5364a84b13edaa305e4e3fb35fa208
-
SHA256
27b100ab3073fc1b0b7459862930687aed91aa3fb1770e07472ac8a041fdb87f
-
SHA512
cb0dcc230066c146926ffc158d47f48c33ba67970963ce72afcef3bb63166996e969f7d0318f6fb604fff54962cc8e934f55079bccec0f2a8f22e4e14ffef2d4
-
SSDEEP
24576:pVfxRoAIj5FBCQELbeNJDIe5uocMALTipn5yZ0h1j8KmGN2zbRtG23zxQ0atoYBq:9p
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-