General
Target: edb8715322e536c4d68618197ad41d684c6621922a820b62287a375358bd14ca
Size: 707KB
Sample: 221130-x7vzksha24
MD5: 48ab95f040f2790724875de1dadf5f99
SHA1: 3d2e92e6803000e7d2278b356b37fdbb97599743
SHA256: edb8715322e536c4d68618197ad41d684c6621922a820b62287a375358bd14ca
SHA512: 525e05570e20b610e75cc159bc6f432d56dd9cc930aa36a0548eee8d3fcdc7b1cb306b2d1222fde2b6ded62aa1f40c3f8f49f0619f1189171ea8cbb31776cd1d
SSDEEP: 12288:8Yxy/eoMJb1Bt6JIBLU30wT6CMdYdwi10vJ3qj0V+TFvXL+hS4H6bysn6:tSFG5Bt6kyZ3EgRFXL6S4H6bzn6
Static task: static1
Behavioral task: behavioral1
Sample: edb8715322e536c4d68618197ad41d684c6621922a820b62287a375358bd14ca.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: edb8715322e536c4d68618197ad41d684c6621922a820b62287a375358bd14ca.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
darkcomet
Guest16
drsniper.no-ip.biz:1604
DC_MUTEX-EN93DWJ
gencode: cfPgUzNNfyRg
install: false
offline_keylogger: true
persistence: false
Targets
Target: edb8715322e536c4d68618197ad41d684c6621922a820b62287a375358bd14ca
Modifies security service
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Suspicious use of SetThreadContext