darkcomet | 0c406eeca8aec2140b783bfe95a92cbf886edad5a40c47e7eba88112e8a6d44b | Triage

Submit
Reports

Overview

overview

Static

static

0c406eeca8...4b.exe

windows7-x64

1

0c406eeca8...4b.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

guest16_min darkcomet

1 signatures

Behavioral task

behavioral1

Sample

0c406eeca8aec2140b783bfe95a92cbf886edad5a40c47e7eba88112e8a6d44b.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

0c406eeca8aec2140b783bfe95a92cbf886edad5a40c47e7eba88112e8a6d44b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

0c406eeca8aec2140b783bfe95a92cbf886edad5a40c47e7eba88112e8a6d44b
Size

662KB
MD5

04559bc376c68791cf0ba424783b1f40
SHA1

ae9e7019cce6cc959a611c728000ef7f5ff1679d
SHA256

0c406eeca8aec2140b783bfe95a92cbf886edad5a40c47e7eba88112e8a6d44b
SHA512

ce3b570f1fe60d1ed841e9e3185ae21c3691d8f3d5e4c8840ed9e67fe142926c379f3bfd6c3521e958be5936beae5c927507e965a64b7b66fb26c0fdc9fd5093
SSDEEP

12288:U3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/jc:COA4aWNn/m09fKIaaBEtWq3A1Ov8Jgbs

Score

10^/10

guest16_min darkcomet

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

127.0.0.1:81

Mutex

DCMIN_MUTEX-9D1KMSV

Attributes

InstallPath
DCSCMIN\IMDCSC.exe
gencode
HEAitWBVxlwi
install
true
offline_keylogger
true
persistence
false
reg_key
DarkComet RAT

Signatures

Darkcomet family
darkcomet

Files

0c406eeca8aec2140b783bfe95a92cbf886edad5a40c47e7eba88112e8a6d44b
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 570KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 37KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy