General
-
Target
58ff044c3c5e9c44e4ded1231b4abad96d12f49748bae95dc7de49b73d874338
-
Size
667KB
-
Sample
221130-3ppyhaae6s
-
MD5
fbf84cbdf4efe67da221a482fff467ce
-
SHA1
b8058c6cb8f6f845fb110f72053ec03db9bb4b52
-
SHA256
58ff044c3c5e9c44e4ded1231b4abad96d12f49748bae95dc7de49b73d874338
-
SHA512
3bc72f16190c31639eeecf4f6f76dcc1c714235fa56f6b587061cbef02dea22a7e091f37530d6e040d66211dbbb9accf686d95aaaf4b500504914c06fe483973
-
SSDEEP
12288:goSZvlA+uzoR1Jl7qiK07emMP5YIU5sZstCGsOW0mGWLY1:OZvlA+VRJ407e9VUYY95
Behavioral task
behavioral1
Sample
58ff044c3c5e9c44e4ded1231b4abad96d12f49748bae95dc7de49b73d874338.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
DC_MUTEX-7Q0Q66D
-
gencode
K4iuJN6l6AQq
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-