General
Target: 86c277d8dc9db1a266d0e1bd6532998d29193d566d7c2d43da7619c0a90f412a
Size: 418KB
Sample: 221203-dbm5baca7w
MD5: bf67fdf8fe29e6ec7308291511249a6e
SHA1: b73c218ad338e3e8be83ef51e30c4f510e1d877c
SHA256: 86c277d8dc9db1a266d0e1bd6532998d29193d566d7c2d43da7619c0a90f412a
SHA512: 11a13d788bdd8f34fd5bf852a090f2e7a96e18805da34d4d7d8ae94fdf494a4ee45601f43ea5fe2ba407c3776f81bb8ededa2a320d2390bf997b61a01ba74364
SSDEEP: 12288:dey7BmWevJzUEWTBJ6fJGZ4JQLvISG6Ly1KsoPATVh9F4:dV7BmhzUEWCfJGRLn8Kj
Static task
static1
Behavioral task
behavioral1
Sample
86c277d8dc9db1a266d0e1bd6532998d29193d566d7c2d43da7619c0a90f412a.exe
Resource
win7-20220812-en
Malware Config
Extracted
darkcomet
1ST
imohi999.zapto.org:1604
DC_MUTEX-6F9QUAU
gencode: laeZe1tFmb5q
install: false
offline_keylogger: true
persistence: false
Targets
Target: 86c277d8dc9db1a266d0e1bd6532998d29193d566d7c2d43da7619c0a90f412a
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-