General
Target: 038d46f8398cdc25d00a9a57990a09c6df0c20650b4e210bbed8a0ffedffd248
Size: 412KB
Sample: 221130-yea95sce5x
MD5: 9ea2d87a3240b1ed3572b09b6ea82184
SHA1: 2f4693f094e2599c81b44db02c55febbfcb8c6c6
SHA256: 038d46f8398cdc25d00a9a57990a09c6df0c20650b4e210bbed8a0ffedffd248
SHA512: 9263a6e2db965d8b338de80acb612aa586df67d3df4e7571b460ea87dcfefe2a0c73e84176b9f7c7a316674e6567084e37d6fec242aa17f1e991d0c1b5168b6f
SSDEEP: 6144:8EI/ei9bDWdzQC5idKSEuFgnHqn330Gf26Wgtlp8Epf2eChBjGp:TIWiDWf5iFd3rTptlVpu5BjG
Static task: static1
Behavioral task: behavioral1
Sample: 038d46f8398cdc25d00a9a57990a09c6df0c20650b4e210bbed8a0ffedffd248.exe
Resource: win7-20220901-en
Malware Config
Extracted
darkcomet
FOX
victima.no-ip.org:1604
DC_MUTEX-CDCTEU8
gencode: vgaa5pRq69ks
install: false
offline_keylogger: true
persistence: false
Targets
Executes dropped EXE
Drops startup file
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext