General
Target: 186a7cfa0dd16e0d931c32b5617766416b8a09d00fda23b49f6e5aa60bd4a47e
Size: 851KB
Sample: 221130-n9j6eshd77
MD5: 11809afb3c3e1777e6efbb5a426641b0
SHA1: ef713e6840fa0a049af9816bbdbec262ac5af08e
SHA256: 186a7cfa0dd16e0d931c32b5617766416b8a09d00fda23b49f6e5aa60bd4a47e
SHA512: 31d67debfad7af652d494a02fba26bd6fe66900b7ef51769f3aed6b9329028d63a1ac55704ad3221f894e5d637ecbfab6a68b261ed232c30657247d3759ca8c3
SSDEEP: 24576:A////c5a2YepX2JNU4G55l1FbHcoluFLhA:/HYepVj1Fb8o8
Static task: static1
Behavioral task: behavioral1
Sample: 186a7cfa0dd16e0d931c32b5617766416b8a09d00fda23b49f6e5aa60bd4a47e.exe
Resource: win7-20220901-en
Malware Config
Extracted
darkcomet
New452012
airjosh977.no-ip.biz:100
DC_MUTEX-T577G6G
gencode: WrgUMHjTbCs4
install: false
offline_keylogger: true
password: 0123456789
persistence: false
Targets
Modifies firewall policy service
Modifies security service
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext