darkcomet | 16a1b938a2033df3262026a366bf3cfc | Triage

Sharing

General

Target

16a1b938a2033df3262026a366bf3cfc
Size

711KB
MD5

16a1b938a2033df3262026a366bf3cfc
SHA1

720ef5bff8f96a170a873677568e06e91a11dece
SHA256

6e0d1df229c045d0858db8ec84b7090632a32f12b24d835616d8f632365b74e9
SHA512

4772a566a703edb98892175eecfe2b29d0fc94896ec8e41b1b984005b400d74bb7525bd604fa61fe073687c2bc3ae147c765b64376acd3b45ebeed8bd9df4d48
SSDEEP

12288:t4o9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:tpZ1xuVVjfFoynPaVBUR8f+kN10EB

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16a1b938a2033df3262026a366bf3cfc

Files

16a1b938a2033df3262026a366bf3cfc
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 658KB - Virtual size: 658KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ