Overview

overview

10

Static

static

10

872-67-0x0...ry.exe

windows7-x64

872-67-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    872-67-0x0000000000400000-0x00000000004B2000-memory.dmp

  • Size

    712KB

  • Sample

    230315-v6peasee49

  • MD5

    dfbe406edb02f1a1074d8aa0cbd4ebe2

  • SHA1

    8408af24d08999cff29b96119e660947b6c65a3b

  • SHA256

    3d02588600a58e24367ae2369d54e3ffde7341f3926a02eec504c05dc0058919

  • SHA512

    8d3dea015c94c738faffcb3b2b61a85b6842febcef162e0334d2d072032f8fadcc60f1ac84f0a50cb1469295d117802cc72e6e7f946feebec2ea5ea7de2a96c1

  • SSDEEP

    12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:eZ1xuVVjfFoynPaVBUR8f+kN10EB

Score
10/10
darkcometluxygt

Malware Config

Extracted

Family

darkcomet

Botnet

luxygt

C2

dartkom22.ddns.net:2009

Mutex

DCMIN_MUTEX-UT0S86Q

Attributes
  • InstallPath

    DCSCMIN\IMDCSC.exe

  • gencode

    fT1b0Py34wS5

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    DarkComet RAT

Targets

    • Target

      872-67-0x0000000000400000-0x00000000004B2000-memory.dmp

    • Size

      712KB

    • MD5

      dfbe406edb02f1a1074d8aa0cbd4ebe2

    • SHA1

      8408af24d08999cff29b96119e660947b6c65a3b

    • SHA256

      3d02588600a58e24367ae2369d54e3ffde7341f3926a02eec504c05dc0058919

    • SHA512

      8d3dea015c94c738faffcb3b2b61a85b6842febcef162e0334d2d072032f8fadcc60f1ac84f0a50cb1469295d117802cc72e6e7f946feebec2ea5ea7de2a96c1

    • SSDEEP

      12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:eZ1xuVVjfFoynPaVBUR8f+kN10EB

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks