General
-
Target
c7fe9085173bbd961e28bbb98f3050cfb0d8aa8a0ae1e6199cbd5b3c950e91dd
-
Size
742KB
-
MD5
4bbe02ed4bf29dd5bce8bad9e6a7049c
-
SHA1
2edaa1d8cbb480658ef4d30fbde3a81d183e5c48
-
SHA256
c7fe9085173bbd961e28bbb98f3050cfb0d8aa8a0ae1e6199cbd5b3c950e91dd
-
SHA512
c75c045a7064703f6f2209f74d83433c4b22d3aef4e1905d9e6c60128ae23d75e64066b275789db15d8a30abaebcb7b4467d4218661eb6056e9b1f1b04dd4563
-
SSDEEP
12288:cXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkwh/+6oS:KnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jo
Score
10/10
Malware Config
Extracted
Family
darkcomet
Botnet
Target
C2
78.9.45.20:1604
Mutex
DCMIN_MUTEX-KYZ36HN
Attributes
-
InstallPath
DCSCMIN\IMDCSC.exe
-
gencode
QEx9U6lHHebz
-
install
true
-
offline_keylogger
true
-
persistence
false
-
reg_key
Dark
Signatures
-
Darkcomet family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
c7fe9085173bbd961e28bbb98f3050cfb0d8aa8a0ae1e6199cbd5b3c950e91dd
Headers
Sections