General
-
Target
a9a208068f14d6eef0d622d70fe80a4b3c42e5504559d266d17b06b92b74fde2
-
Size
670KB
-
Sample
221130-3ng69sad6z
-
MD5
03270502295221b4bf9a3632f2bf66c0
-
SHA1
267d2f598e7506d1a18f18e87e979c22eb661bfa
-
SHA256
a9a208068f14d6eef0d622d70fe80a4b3c42e5504559d266d17b06b92b74fde2
-
SHA512
ea0fcf2aa15316e23af00b11f731580dc71fa384b33014131180110b20bd66552728a25ebfa2ee66f8ae63c7e31cdccb5ef17ef617937070cebf6ff6b8e01a32
-
SSDEEP
12288:4KeElqElPQGmPynqwVU+M+Rzh7rlA2zslx8KkyK+OtGE577wOyorOhCAEGpqa:4K9lVZYP1wVH7rlA2zaxZkJ+OhIOFrO1
Static task
static1
Behavioral task
behavioral1
Sample
a9a208068f14d6eef0d622d70fe80a4b3c42e5504559d266d17b06b92b74fde2.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
a9a208068f14d6eef0d622d70fe80a4b3c42e5504559d266d17b06b92b74fde2.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
darkcomet
Guest16_min
127.0.0.1:1997
DCMIN_MUTEX-EW4T4NZ
-
gencode
vs1vR0t4lqKv
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
Score
10/10
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-