General
-
Target
73394bb1f3de631c5f0c845758c83ff4
-
Size
1.1MB
-
Sample
231226-q2ks4aahfq
-
MD5
73394bb1f3de631c5f0c845758c83ff4
-
SHA1
85a2eb61cb8ace750045ed2bdc36d83165e8abdd
-
SHA256
42ce6ab5574fbb9e287089c6b325a0e4f25b17a39dae4defc0d2bbb319b68941
-
SHA512
055b2adf104ba6f13fc609a837b1f613eb826ce48515e19677a9c00109384f3f0292d395450fd1d478023a813dce87c91fd09412ab7259340182e4e8c0908d8b
-
SSDEEP
24576:sy+uIkUtnyEEqleWB7qw9/2qMG5grBW94ZK++3Z3:bhqlb7+qMG5T94ZK++3Z3
Behavioral task
behavioral1
Sample
73394bb1f3de631c5f0c845758c83ff4.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
73394bb1f3de631c5f0c845758c83ff4.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
darkcomet
Random
testinghost.zapto.org:6004
DC_MUTEX-YY9LTKJ
-
gencode
SqVNCTj5GpTx
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
73394bb1f3de631c5f0c845758c83ff4
-
Score
10/10
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-