General
-
Target
ad98ea7ea754fe71ec141da0be9aa3acce82fed3716c23f0d13e157e31cb3afa
-
Size
1011KB
-
Sample
221202-s1784sbb53
-
MD5
1e2ada60e9fe12be9159c1001b216bc0
-
SHA1
bb800be2c4ed227f70b9375a4e2121d748b934be
-
SHA256
ad98ea7ea754fe71ec141da0be9aa3acce82fed3716c23f0d13e157e31cb3afa
-
SHA512
f68ef9c0e2f39b5914385524b18fd18dcacf3dfa57babbd4b4bd3292c5e9e26df978bc21730428709ca9b2e7a2c7d39f9cd27537d4e00893f7fec84d88ed2904
-
SSDEEP
24576:dthEVaPqL5+4bblJFS1HIHpRhechqUwzdXcBi:FEVUcw4bblJFGH0RhizdMBi
Behavioral task
behavioral1
Sample
ad98ea7ea754fe71ec141da0be9aa3acce82fed3716c23f0d13e157e31cb3afa.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
hihi.no-ip.org:1604
DC_MUTEX-T082D78
-
gencode
XsTjKMsagH0e
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-