General
Target: ca0db2830755df9ce272dd4f25f09568b9430c6f0a60a58d8a1ab5982322ad29
Size: 693KB
Sample: 221203-fm4mjsbb2v
MD5: ef41698536593902b16f35201a7ec5cf
SHA1: a75fd23206d3b376982484c96da41eeb81386a86
SHA256: ca0db2830755df9ce272dd4f25f09568b9430c6f0a60a58d8a1ab5982322ad29
SHA512: 2776d0814bb0ec0f4bc97b2baafd7e9e5e24d5298015f9a1b25f09b32347ea67f8760b172a6418f4da594b1fdb065a74b08b48f452cf6b31470394b2e5988485
SSDEEP: 12288:WIwi/NAnbFVXHNs653GAUAuvG62sMBVnZVcnOjQwBdVV05IM8ZF7z04bh:WIwi/NAbXC652AU42nlwBD65mZF7HF
Static task: static1
Behavioral task: behavioral1
  Sample: ca0db2830755df9ce272dd4f25f09568b9430c6f0a60a58d8a1ab5982322ad29.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: ca0db2830755df9ce272dd4f25f09568b9430c6f0a60a58d8a1ab5982322ad29.exe
  Resource: win10v2004-20220812-en
Malware Config
Extracted
Family: darkcomet
Campaign ID: Guest16
C2: 127.0.0.1:1604
Mutex: DC_MUTEX-F54S21D
Attributes:
  gencode: yfe2bQYXseln
  install: false
  offline_keylogger: true
  persistence: false

Note on the extracted config: the C2 is the loopback address on 1604 (the DarkComet default port) and the campaign ID is the builder default "Guest16", so this build can never reach an operator; treat it as a default or test build rather than evidence of an active campaign, and do not block 127.0.0.1. The payload neither installs nor persists itself, but offline keylogging is enabled, so keystroke logs written locally are evidence of infection even without any network contact. The mutex name is the most reusable host IOC from this config.
Targets
Target: ca0db2830755df9ce272dd4f25f09568b9430c6f0a60a58d8a1ab5982322ad29
Size: 693KB
MD5: ef41698536593902b16f35201a7ec5cf
SHA1: a75fd23206d3b376982484c96da41eeb81386a86
SHA256: ca0db2830755df9ce272dd4f25f09568b9430c6f0a60a58d8a1ab5982322ad29
SHA512: 2776d0814bb0ec0f4bc97b2baafd7e9e5e24d5298015f9a1b25f09b32347ea67f8760b172a6418f4da594b1fdb065a74b08b48f452cf6b31470394b2e5988485
SSDEEP: 12288:WIwi/NAnbFVXHNs653GAUAuvG62sMBVnZVcnOjQwBdVV05IM8ZF7z04bh:WIwi/NAbXC652AU42nlwBD65mZF7HF
Score: 10/10
Signatures:
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext

Note on the signatures: SetThreadContext used by a process that has just launched a dropped EXE is consistent with process hollowing, where the dropper starts a child, replaces its memory with the DarkComet payload and redirects the main thread, so memory of the child process, not the dropped file on disk, is where the unpacked RAT should be looked for. The Run key is written even though the extracted config has install and persistence disabled, so that persistence belongs to the outer dropper stage and its Run key value, not to the DarkComet configuration, and should be collected from the sandbox registry events rather than inferred from the config.