General
-
Target
b7ecccbc9bcc3fbd09245c09102b4e851efeb22e345b5e0109880989bea99068
-
Size
2.9MB
-
Sample
221130-3ekwsshf2z
-
MD5
e9bb7739e1db09a8942df152445e18ff
-
SHA1
895c28f09e710d36e6d170bc5087b00d00e860a5
-
SHA256
b7ecccbc9bcc3fbd09245c09102b4e851efeb22e345b5e0109880989bea99068
-
SHA512
52f47b013d86edfcd66b96dfd0bf558959794cc65d71c528c9e04c2f6b012d3b926ebd6f43f9f643c9abd522393f61a57949e17848e3e05d0a6236ea8f397c17
-
SSDEEP
49152:VEVUc4jyZ3hIiOnUkZATu68jUekzAWWBcbEyThiWNfYhv+lQwPh6yVkAQ7BDtt0h:VE34ViOEBpekzkB05AW62lQIkAQBP08c
Behavioral task
behavioral1
Sample
b7ecccbc9bcc3fbd09245c09102b4e851efeb22e345b5e0109880989bea99068.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
testing1337331.no-ip.org:1606
DC_MUTEX-50WL4P2
-
gencode
wzkgC9K3tBV0
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
b7ecccbc9bcc3fbd09245c09102b4e851efeb22e345b5e0109880989bea99068
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-