General
Target: cdcbef9468496cd757f531e70ae814364734e7e06fb1685b41768b8cb3a13b3e
Size: 284KB
Sample: 221201-acy2esgd94
MD5: d5a63e3923e6303bfddf09ad0ed4e180
SHA1: 7116926ad42ba42e7cc029125e65ba7f7b30bcad
SHA256: cdcbef9468496cd757f531e70ae814364734e7e06fb1685b41768b8cb3a13b3e
SHA512: 88edb26a18dec93e77c1ff3d2b2c9634b88edd1f334139bcf5a9986171d17c1b36fbd2b12901677cb29df5304257f0f7c2c70661777c3f5346e0effc43ca422c
SSDEEP: 6144:aSMziw0/rI69JTH87oG2gAON1kBOFq8ApM9:aSMz0/L1YoLDLBc3ApM9
Static task: static1
Behavioral task: behavioral1
Sample: cdcbef9468496cd757f531e70ae814364734e7e06fb1685b41768b8cb3a13b3e.exe
Resource: win7-20220812-en
Malware Config
Extracted
darkcomet
DarkComet
swixtor.no-ip.org:200
DC_MUTEX-8T9CL5E
InstallPath: MSDCSC\msdcsc.exe
gencode: lq9FU6ZBn2HD
install: true
offline_keylogger: true
persistence: true
reg_key: MicroUpdate
Targets
- Modifies WinLogon for persistence
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application