General
-
Target
ccbb86ab3825a77bc82f342a1f1e712ad23ce4d87a0af1cab6ea4641db314f63
-
Size
460KB
-
Sample
221202-trpwvadc86
-
MD5
9e676e397cd348e11631e9708434bf85
-
SHA1
66549f1dd2e2148d86b8d69e704618443f857912
-
SHA256
ccbb86ab3825a77bc82f342a1f1e712ad23ce4d87a0af1cab6ea4641db314f63
-
SHA512
96eee7d793ec4bcedd6cda0b7b2732354ca93c97be121e885592a746b5e747bbfd6423442445cb56189b1fec1e3ced71a9bd0c9902ab387bb3756398fb1e3ce5
-
SSDEEP
6144:G/l15NYDITxzgsnt1aKJ5b+F6BQu8aghqocwVx2D+vZ0yZIfJnd0sCTXj/cmMkkW:MNNTxzBaKJ5CHu8KhwVxu+vS1Es8EjbC
Malware Config
Targets
-
-
Target
ccbb86ab3825a77bc82f342a1f1e712ad23ce4d87a0af1cab6ea4641db314f63
-
Size
460KB
-
MD5
9e676e397cd348e11631e9708434bf85
-
SHA1
66549f1dd2e2148d86b8d69e704618443f857912
-
SHA256
ccbb86ab3825a77bc82f342a1f1e712ad23ce4d87a0af1cab6ea4641db314f63
-
SHA512
96eee7d793ec4bcedd6cda0b7b2732354ca93c97be121e885592a746b5e747bbfd6423442445cb56189b1fec1e3ced71a9bd0c9902ab387bb3756398fb1e3ce5
-
SSDEEP
6144:G/l15NYDITxzgsnt1aKJ5b+F6BQu8aghqocwVx2D+vZ0yZIfJnd0sCTXj/cmMkkW:MNNTxzBaKJ5CHu8KhwVxu+vS1Es8EjbC
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-