General
-
Target
73cf89c6f3fb74f1d4307bc43fa5db4ffb5f62da8ec2240e6d8c6d05159156a6
-
Size
839KB
-
Sample
221202-v9qrjadd3z
-
MD5
e42a2e438559313d3220bf5253cffc75
-
SHA1
128cb5214a6148e66b1a43ca64509fcaf622b2ce
-
SHA256
73cf89c6f3fb74f1d4307bc43fa5db4ffb5f62da8ec2240e6d8c6d05159156a6
-
SHA512
5f557f40eda2b756a89d5ed0836da0763ed8d4f7f0a5c475c285cd163267c2cb568d1e22304ee7394767441fb57ab09b330fd7e9560ee8b9c341ee3e7e36112d
-
SSDEEP
12288:Cw+VcKJDFuYlTjsMd/8D3xTS9CJTYtVSHfnLPAXpsx0GaLc/PdzFFkh+8OD6CZ0:CXDFbsMd/03xTK8TYWHM5sx0Nc/+vPU
Static task
static1
Behavioral task
behavioral1
Sample
73cf89c6f3fb74f1d4307bc43fa5db4ffb5f62da8ec2240e6d8c6d05159156a6.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
Clouds
darkeyebrow.no-ip.org:1604
DCMIN_MUTEX-W4XVV25
-
gencode
8jAFNXTeDvnp
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
73cf89c6f3fb74f1d4307bc43fa5db4ffb5f62da8ec2240e6d8c6d05159156a6
-
Size
839KB
-
MD5
e42a2e438559313d3220bf5253cffc75
-
SHA1
128cb5214a6148e66b1a43ca64509fcaf622b2ce
-
SHA256
73cf89c6f3fb74f1d4307bc43fa5db4ffb5f62da8ec2240e6d8c6d05159156a6
-
SHA512
5f557f40eda2b756a89d5ed0836da0763ed8d4f7f0a5c475c285cd163267c2cb568d1e22304ee7394767441fb57ab09b330fd7e9560ee8b9c341ee3e7e36112d
-
SSDEEP
12288:Cw+VcKJDFuYlTjsMd/8D3xTS9CJTYtVSHfnLPAXpsx0GaLc/PdzFFkh+8OD6CZ0:CXDFbsMd/03xTK8TYWHM5sx0Nc/+vPU
-
Suspicious use of SetThreadContext
-