General
Target: 582c956eca4b7c50142ee2858111282f734007b5ab9f795759550b4de637256e
Size: 809KB
Sample: 221207-f5hssshb29
MD5: 10c608c2c1c01446e0b42519f0a08d00
SHA1: f5202815045a395aff805d517eb1fe2f8f7b4331
SHA256: 582c956eca4b7c50142ee2858111282f734007b5ab9f795759550b4de637256e
SHA512: 43a885ff331d3fe0f917ccdac4e06eec02a074c458ae8642c0cc2e2085bc6c069b7ee81bf458c265f4bf3b64ceae53a9ca59a95e13bd68168709a562ab856def
SSDEEP: 12288:V4O9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hi:VDZ1xuVVjfFoynPaVBUR8f+kN10EB
Behavioral task
behavioral1
Sample: 582c956eca4b7c50142ee2858111282f734007b5ab9f795759550b4de637256e.exe
Resource: win7-20220901-en
Malware Config
Extracted
darkcomet
victime
127.0.0.1:1604
DC_MUTEX-XFK45XG
gencode: zbWPFqA7rV0v
install: false
offline_keylogger: true
persistence: false
Targets
Target: 582c956eca4b7c50142ee2858111282f734007b5ab9f795759550b4de637256e
Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL