General
-
Target
cc60c9a37983de8493deb44fb38b0305fd34424ab9458d44c4943e630644cb6b
-
Size
523KB
-
Sample
221128-qhrsasbb2t
-
MD5
800ca0111f78614aea28ab810b89d5a6
-
SHA1
26d1019db4e7a9ed22e1129844fece28d5115ff7
-
SHA256
cc60c9a37983de8493deb44fb38b0305fd34424ab9458d44c4943e630644cb6b
-
SHA512
594342e9dd15a3d4b48c6af149f4c9af232064d285b333d90184df23383e75f7f6cb31da30a6d5c30f4692ca7045071ef2f0f13bcb3b3d25ed684756bfe52f42
-
SSDEEP
12288:AwHqB6cDKHO6YQ88sQYDELSgmCNZ+Jh5egpKbpaNNk3J94HKCtGzBgSBy:/EH6YQ8PwhZ+JhrUbpis8HKCtGzB
Static task
static1
Behavioral task
behavioral1
Sample
cc60c9a37983de8493deb44fb38b0305fd34424ab9458d44c4943e630644cb6b.exe
Resource
win7-20221111-en
Malware Config
Extracted
darkcomet
YOUTUBE
192.99.137.90:1604
DC_MUTEX-JMCL4CE
-
gencode
BC5wo4XY20uA
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
cc60c9a37983de8493deb44fb38b0305fd34424ab9458d44c4943e630644cb6b
-
Modifies WinLogon for persistence
-
Suspicious use of SetThreadContext
-