General

  • Target

    cae4a7b8cdb6fb668682d466b33d1bed6fadccd96fe39ccf18362aae6d03746a

  • Size

    749KB

  • MD5

    f21b50008f7b80420eb4b47761a284c4

  • SHA1

    7a12185d5c6904dc4cf76d57cb137f71ac76947d

  • SHA256

    cae4a7b8cdb6fb668682d466b33d1bed6fadccd96fe39ccf18362aae6d03746a

  • SHA512

    33d68a60e8675cd1b6b84b32318fec815f4d37120ea2df8b950c410d7cc37be98a98729cfa9c13cdcb95ec5b8edba1644a39eabdb85253ee47a35c2577c061a4

  • SSDEEP

    12288:l9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hg4pjvcz:vZ1xuVVjfFoynPaVBUR8f+kN10EB5jv0

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

HF

C2

127.0.0.1:83

127.0.0.1:1604

thailandhack.no-ip.org:1604

Mutex

DC_MUTEX-Q91687Y

Attributes
  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    AZDzCddgYAPM

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Signatures

Files

  • cae4a7b8cdb6fb668682d466b33d1bed6fadccd96fe39ccf18362aae6d03746a
    .exe windows x86

    e5b4359a3773764a372173074ae9b6bd

