General
-
Target
e9ec3adbfc8b34e0f9018f5449f74bd633c7d2279147f9f2bfae9d44d40fa849
-
Size
714KB
-
Sample
221128-jx48lsge98
-
MD5
3160e27b1a721c2d5826e897d8a88cd2
-
SHA1
c82ded0d87be838138e7b89641ee2d3145dfdb3e
-
SHA256
e9ec3adbfc8b34e0f9018f5449f74bd633c7d2279147f9f2bfae9d44d40fa849
-
SHA512
18e89ae081dc00ef1534ef116eaa72be40f84afcdb73e6958ed0e5cb19e3cbd842978bdf2dd1e24c22a686b8a0b9a37d0a57339a02b764308776f21acecce157
-
SSDEEP
12288:aBCv6Lx8ckslStluh/g60Mi6ItMKp67/m5EZ2anOZnjWnpw2KtW31j6a9G8M:X+xLleM/g60MpItvQ7Oq0aOcL31d
Static task
static1
Behavioral task
behavioral1
Sample
e9ec3adbfc8b34e0f9018f5449f74bd633c7d2279147f9f2bfae9d44d40fa849.exe
Resource
win7-20220812-en
Malware Config
Extracted
Family: darkcomet
Botnet / campaign ID: Youtube
C2: sockproxy.no-ip.biz:1604
Mutex: DC_MUTEX-2S21NCP
-
gencode
HMlSQr6NWU7H
-
install
false
-
offline_keylogger
true
-
password
s7rjj2l
-
persistence
false
Targets
-
-
Target
e9ec3adbfc8b34e0f9018f5449f74bd633c7d2279147f9f2bfae9d44d40fa849
-
Size
714KB
-
MD5
3160e27b1a721c2d5826e897d8a88cd2
-
SHA1
c82ded0d87be838138e7b89641ee2d3145dfdb3e
-
SHA256
e9ec3adbfc8b34e0f9018f5449f74bd633c7d2279147f9f2bfae9d44d40fa849
-
SHA512
18e89ae081dc00ef1534ef116eaa72be40f84afcdb73e6958ed0e5cb19e3cbd842978bdf2dd1e24c22a686b8a0b9a37d0a57339a02b764308776f21acecce157
-
SSDEEP
12288:aBCv6Lx8ckslStluh/g60Mi6ItMKp67/m5EZ2anOZnjWnpw2KtW31j6a9G8M:X+xLleM/g60MpItvQ7Oq0aOcL31d
-
Loads dropped DLL
-
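Suspicious use of SetThreadContext (this API rewrites another thread's register state and is commonly seen in process injection or hollowing; correlate with any child process created in a suspended state)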
-