General
Target: 89da62d223755847c74cc8dd33afa6120efd33b66e087f701748659d27df5e4e
Size: 664KB
Sample: 221130-y23mxabh43
MD5: 8eb6a2700352d17d461213477e70ba2f
SHA1: adc7a744c8b7ca15135e47db44be6ccd2614bec7
SHA256: 89da62d223755847c74cc8dd33afa6120efd33b66e087f701748659d27df5e4e
SHA512: 71c9222131e72b80ae850e18a30466c013c2cd43f914156685b9e1da7a569b94e01682b0254e746f0cc0b5f90a7eb2b9a8947725cb723865563c53f6f23985a4
SSDEEP: 12288:9IWId8kNmDiaUgb0ovPCn7xTKX6WJyqLJVln+iRoKf6YDKmg9fQINvz:GTmDias7xKX1V+imUH+mH4
Static task: static1
Behavioral task: behavioral1
Sample: 89da62d223755847c74cc8dd33afa6120efd33b66e087f701748659d27df5e4e.exe
Resource: win7-20220812-en
Malware Config
Extracted
darkcomet
DC
WalruusHOST.NO-IP.Biz:1604
DC_MUTEX-TLS5WDH
gencode: x3l1XdbXHCdo
install: false
offline_keylogger: false
persistence: false
Targets
- Uses the VBS compiler for execution
- Adds Run key to start application
- Suspicious use of SetThreadContext