General
Target: c043cab402c17c7e60da9d85d3178e78ac5c7345d817e636d9638feda0b6db74
Size: 410KB
Sample: 221203-gnw5jaea2s
MD5: 09fecd98f5b83c5f57911faced1d1060
SHA1: 907256dd13588d4ec8fe10270c68b8060dab2ba7
SHA256: c043cab402c17c7e60da9d85d3178e78ac5c7345d817e636d9638feda0b6db74
SHA512: d2096db62102392b7cbbe8fbc2938c28a9a6dc16309d01825f5b79498b9e24665548f1b0b30c63ad48c96da20afa0d975e0522ef16c7cd4705a56a9984a54488
SSDEEP: 12288:YwkHRBLs/GjFiQGEO/Udn3t0AJzQc++X8:QHRBLPIQ7fk+M
Static task: static1
Behavioral task: behavioral1
Sample: c043cab402c17c7e60da9d85d3178e78ac5c7345d817e636d9638feda0b6db74.exe
Resource: win7-20220901-en
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
jamawaranti.no-ip.biz:1604
DC_MUTEX-E6AHY0A
gencode: 3V7typXAyF8z
install: false
offline_keylogger: true
persistence: false
Targets
Suspicious use of SetThreadContext