General
Target: be8971292c6bd69cc35e85b1a51b3fb6a2224153df1fe7ee232d850e68c2274f
Size: 986KB
Sample: 221203-gsy5paah39
MD5: 4c1d2a8b7c254fffd508cf3f5b00248b
SHA1: bf252688fe160e89ef2bdb8af66d9935e7c9f1cd
SHA256: be8971292c6bd69cc35e85b1a51b3fb6a2224153df1fe7ee232d850e68c2274f
SHA512: 5b157be5f89fac3cde83c8260c4c479a6c122276f8aca6944f56cfea8fbda30afdaea670a100b44a4da1a912b75b2ca7710aec4e314dc4bd024a5f95e481f530
SSDEEP: 24576:jMEhOtMkrJtb0fOspDZ1lS127B3+h4emPWR09Bop:gEh2rJS7pVi2wXQKp

Static task: static1
Behavioral task: behavioral1
Sample: be8971292c6bd69cc35e85b1a51b3fb6a2224153df1fe7ee232d850e68c2274f.exe
Resource: win7-20220812-en

Malware Config
Extracted: darkcomet
Guest16
12345.no-ip.biz:1177
DC_MUTEX-4A5MDFX
gencode: ny0zwZA8Xxph
install: false
offline_keylogger: true
persistence: false
Targets
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger