Overview

overview

10

Static

static

10

1080-37-0x...ry.exe

windows7-x64

1080-37-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1080-37-0x0000000000400000-0x00000000004B2000-memory.dmp

  • Size

    712KB

  • Sample

    230904-ezzzfsdf4x

  • MD5

    944981c12af24fbe497f847727cda73b

  • SHA1

    e777fd4ea40639ac687cdcb27159c8d4b763b96a

  • SHA256

    09c53278c0eabe629c6474f1278c68496de520022c3de8b328247fc3f09b63cb

  • SHA512

    b758c58836698d5f6cc79b4ef97aa368554ef90fcb01b59923ca9ca49ac85023e694e1ff1c853e4d23269401e2c412eb9c0c80e15cef8f1d302531fe5a28e298

  • SSDEEP

    12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:eZ1xuVVjfFoynPaVBUR8f+kN10EB

Score
10/10
darkcometseptember 2023

Malware Config

Extracted

Family

darkcomet

Botnet

September 2023

C2

bonding79.ddns.net:3316

goodgt79.ddns.net:3316

whatis79.ddns.net:3316

smath79.ddns.net:3316

jacknop79.ddns.net:3316

chrisle79.ddns.net:3316
Mutex

DC_MUTEX-UZKN5K0

Attributes
  • gencode

    wEEnKBEF7keh

  • install

    false

  • offline_keylogger

    true

  • password

    Password20$

  • persistence

    false

Targets

    • Target

      1080-37-0x0000000000400000-0x00000000004B2000-memory.dmp

    • Size

      712KB

    • MD5

      944981c12af24fbe497f847727cda73b

    • SHA1

      e777fd4ea40639ac687cdcb27159c8d4b763b96a

    • SHA256

      09c53278c0eabe629c6474f1278c68496de520022c3de8b328247fc3f09b63cb

    • SHA512

      b758c58836698d5f6cc79b4ef97aa368554ef90fcb01b59923ca9ca49ac85023e694e1ff1c853e4d23269401e2c412eb9c0c80e15cef8f1d302531fe5a28e298

    • SSDEEP

      12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:eZ1xuVVjfFoynPaVBUR8f+kN10EB

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks