General
-
Target
abad4ff3de3310cf9b579d89eac31a7d301031fec7099b0d516e3e0aee951ab5
-
Size
616KB
-
Sample
221130-3jcqzsaa3s
-
MD5
35a43e1e465358da33d5ffcbf35c209c
-
SHA1
d8202211ef87fc451f6178f318046d7469b0650d
-
SHA256
abad4ff3de3310cf9b579d89eac31a7d301031fec7099b0d516e3e0aee951ab5
-
SHA512
b6b6b603331e0f8ae699afbea865089d61a6ff19699f35fba92c6f4d451ae0dd5261436d6c9f8fff85b9bf58cbeba2148d905499be7285b85014560265caf0b3
-
SSDEEP
12288:qB5gALGWA5r9YfkxxLSiNp7tYeLoIBSCLsY:ujGNrY0Nbo6S0s
Static task
static1
Behavioral task
behavioral1
Sample
abad4ff3de3310cf9b579d89eac31a7d301031fec7099b0d516e3e0aee951ab5.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
193.107.16.224:5438
DC_MUTEX-ERFGKU7
-
gencode
Zva2GGrbyTGh
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Target
abad4ff3de3310cf9b579d89eac31a7d301031fec7099b0d516e3e0aee951ab5
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-