General

  • Target

    841262726e83cc2a62b2c0d523426bcb6a38829b033a6530ec3e76b6521ebe05

  • Size

    522KB

  • Sample

    221127-s2jbdacg2v

  • MD5

    9dfb07602ea0746b21957d2610ed52d9

  • SHA1

    1114f93efba5d9992ad8b71363db60b24e219b6c

  • SHA256

    841262726e83cc2a62b2c0d523426bcb6a38829b033a6530ec3e76b6521ebe05

  • SHA512

    b6a646ab82e4910e818aa07525264f2548a17c42837ca3cdb871627ee4ac840501d8afa2f2c62e1ad24d06babe11cd87ab4fa8e7e373ff9590fbb9ea6f6ea464

  • SSDEEP

    12288:V5yqq4mBet9eHsgfZpj1+F2l+5IThMHChFOI1Ar0JE/ZkVSGZpU:bmW9ZSlIgl+5ITSChNaoJER

Malware Config

Extracted

Family

darkcomet

Botnet

Lalx

C2

vxqpok2983.ddns.net:1604

Mutex

DC_MUTEX-3HK5ZXQ

Attributes

  • gencode

    vKh92RY4kw3H

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6
