Overview

overview

10

Static

static

10

2852-70-0x...ry.exe

windows7-x64

2852-70-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2852-70-0x0000000000400000-0x00000000004B2000-memory.dmp

  • Size

    712KB

  • Sample

    230722-z6nvzscb52

  • MD5

    5b6f8244d6e5b11cd91033d68efa4d2e

  • SHA1

    552a39f90a3a9b93668c4cb9f839ab0439ea8afc

  • SHA256

    1c7d1b70553930ba03dda96399ef53aad8b18a18d28bfd8166a24716485b005e

  • SHA512

    a870acc0f7d51df1df5e81c44db59f3466d66bff96a3c93832f5ff3bb9772b5807cef28af4aa8b7cd4d1db2ea44926c705221f04543879847bf3c2a0b5ebe3b9

  • SSDEEP

    12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:uZ1xuVVjfFoynPaVBUR8f+kN10EB

Score
10/10
darkcometguest16_min

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

127.0.0.1:1604

Mutex

DCMIN_MUTEX-04BX3P3

Attributes
  • gencode

    LXPM46nVMwyf

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      2852-70-0x0000000000400000-0x00000000004B2000-memory.dmp

    • Size

      712KB

    • MD5

      5b6f8244d6e5b11cd91033d68efa4d2e

    • SHA1

      552a39f90a3a9b93668c4cb9f839ab0439ea8afc

    • SHA256

      1c7d1b70553930ba03dda96399ef53aad8b18a18d28bfd8166a24716485b005e

    • SHA512

      a870acc0f7d51df1df5e81c44db59f3466d66bff96a3c93832f5ff3bb9772b5807cef28af4aa8b7cd4d1db2ea44926c705221f04543879847bf3c2a0b5ebe3b9

    • SSDEEP

      12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:uZ1xuVVjfFoynPaVBUR8f+kN10EB

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks