General
-
Target
304-71-0x0000000000400000-0x00000000004BA000-memory.dmp
-
Size
744KB
-
MD5
6076e6592e5b9eb5bf92420cbf03d135
-
SHA1
4dab4969d4622873fb6e3fbad0ff942819510c05
-
SHA256
b3d25794fd1ad7c820ce1baddd806870aaaf7ac4f6af7577293b5d256e3b0bf4
-
SHA512
a96ed3ee56f86e4baea4a37864d7f41a44852cfa7667ff65aef10dc7c14bb149ea3b2ef12f3fa0cf7e09f68e721ea97085653710949fd80b722bc1dca488a145
-
SSDEEP
12288:Sk9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9EkNC/:dZ1xuVVjfFoynPaVBUR8f+kN10Ed
Score
10/10
Malware Config
Extracted
Family
darkcomet
Botnet
IYKE LOGS
C2
127.0.0.1:1604
Mutex
DC_MUTEX-U2T3MAJ
Attributes
-
gencode
vb23itbmycw8
-
install
false
-
offline_keylogger
true
-
password
raz@1234567890
-
persistence
false
Signatures
-
Darkcomet family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
304-71-0x0000000000400000-0x00000000004BA000-memory.dmp
Headers
Sections