General
Target: 228a641ba79d44d0961e2ca100b75b40149410a9d337758f99b749416c3690bf
Size: 1.2MB
Sample: 221127-wl3a4abg8t
MD5: 31f7cc96c75fea105a94f67a93ebbb7c
SHA1: da32025cea2685e5b53c8b64eb138d90ed93322f
SHA256: 228a641ba79d44d0961e2ca100b75b40149410a9d337758f99b749416c3690bf
SHA512: e9ba60f60573fcc0f1f9d9a9f58b19809906c2f9c1be22c1765a02a8a102bf61ec6d0d6d36d4c840a910b91b7fff1225b51c85a4989ae78e104fcb6b7bd25b36
SSDEEP: 12288:l6Wq4aaE6KwyF5L0Y2D1PqL9iLVB83be0pHttiab+8aUAxZ99K5LT4Jap3blsGS6:zthEVaPqLoB/0tttXb656faClIGr9
Behavioral task: behavioral1
Sample: 228a641ba79d44d0961e2ca100b75b40149410a9d337758f99b749416c3690bf.exe
Resource: win7-20221111-en
Malware Config
Extracted
darkcomet
Work10
jimmykarcter.ddnsking.com:1490
DC_MUTEX-F3JFPUJ
gencode: EbEwg5Es2Fgn
install: false
offline_keylogger: true
persistence: false
Targets
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-