darkcomet | 5d6a79d10e65a4bbdbf2a1e7933e2a9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d6a79d10e65a4bbdbf2a1e7933e2a9c
Size

658KB
MD5

5d6a79d10e65a4bbdbf2a1e7933e2a9c
SHA1

dcab069304819782b9b973c49a83e9b871746780
SHA256

08c8b50d8441a106047cc967a97e8820aebf45f94d3c384c65f40e5c3e28f966
SHA512

3e680063586ac7f02b3150f7d1caee0357d392b9335a05d744801cb223b0a0a0bcd56668a2042885b0f7737fbb50d6ecf0fe2a18aefe537e22260a86d56c8f90
SSDEEP

12288:ao4KdkhMQ4XdVW740WjTTPXRfurQgxGjGGpb88ikC1O9WopdH3k2/6:j/OiXdVW740aT7ZurLGjb8sC1eHU06

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d6a79d10e65a4bbdbf2a1e7933e2a9c

Files

5d6a79d10e65a4bbdbf2a1e7933e2a9c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ