Overview

overview

10

Static

static

3

22dfc3ed78...f1.exe

windows7-x64

10

22dfc3ed78...f1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    0s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 01:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    22dfc3ed780c9bc7ad89f5dc8a6d1ef1.exe

  • Size

    748KB

  • MD5

    22dfc3ed780c9bc7ad89f5dc8a6d1ef1

  • SHA1

    a73b6c7538254357b154e21848386028cec2875d

  • SHA256

    b37654d5ddb1fadbc6c76c2df878e4169fab247a815ac3b8e022378e9adacdf0

  • SHA512

    4b17ff36940c40f5e1c44f7809a0d1f6cafd6ce0f7e4fe073bdfc659c6162ebb2b6b40dd84f2a98098c3765b2c5c5754cf376dd6f115d71fc015d35461d7ce38

  • SSDEEP

    12288:WkzKFBdWWYyIIqJRO4itiw9KODv1qWmRntufDuK8l1dUIB2vGgs:WkzGBdWpyVWO46iwHv1qLRtuITTB2egs

Score
10/10
darkcometrattrojan

Malware Config

Signatures

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

Processes

  • C:\Users\Admin\AppData\Local\Temp\22dfc3ed780c9bc7ad89f5dc8a6d1ef1.exe
    "C:\Users\Admin\AppData\Local\Temp\22dfc3ed780c9bc7ad89f5dc8a6d1ef1.exe"
    1⤵
      PID:1704
      • C:\Users\Admin\AppData\Local\Temp\file1.exe
        "C:\Users\Admin\AppData\Local\Temp\file1.exe"
        2⤵
          PID:1912
      • C:\Windows\MSDCSC\msdcsc.exe
        "C:\Windows\MSDCSC\msdcsc.exe"
        1⤵
          PID:2092

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\file1.exe
          Filesize

          3KB

          MD5

          a447798de6a0944de1b8f5a15bbb2ed7

          SHA1

          3400259248f6072f958b4eb558c2e3b28997fead

          SHA256

          e225014654488777fcc65271a0f3944f3b2d30b576b5c19f33b381f993904a42

          SHA512

          b2e5790bf11b0074046c2a5667620d186d846c4cd9c821a16075f528a571d6627555ad81debb8f5b36029a7f19410242f5b8bb008ad14b36fad5b0171d68bffd

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\file1.exe
          Filesize

          93KB

          MD5

          47bb1d0792b80b4f128276ade3966c8d

          SHA1

          8c7d7223e10003764d57987c3fd85b929c86cf82

          SHA256

          859fbc2cab4ba279ce47fdca78235a5bf825169e90bc8ffcd7da0a09ec7ae604

          SHA512

          43b2f8e8446c91fe4e5f32893ae97b07aff440691500bb61b74274f9722a089b4d161e293881c37e108ce06d4676a8416d14bd9611ea6cd78d0ff1ea028bbf75

          Download Submit

        • \Users\Admin\AppData\Local\Temp\file1.exe
          Filesize

          367KB

          MD5

          c3264fb449f349edd661e80b6f2b236c

          SHA1

          5fabb6e05bd27b4f505ac355e3511f2a72d95bf2

          SHA256

          178f07efcf05f6fc5d63dd870e019c13be599c4d1706e37a07ae41fe9e5ab046

          SHA512

          afb818bcae3e9b63981b9910e002d7eb647cd9b8586c1db29b0465c59970b6371feca6b8b94b80faca714f4129e0c6e37daba5f0f8443d6ff695e4f2d5842027

          Download Submit

        • \Users\Admin\AppData\Local\Temp\file1.exe
          Filesize

          381KB

          MD5

          c2fe0728b4381e04e7f5815182b1cdc9

          SHA1

          21cfa42c55e27ffa12fe0af7e4f53675998e9380

          SHA256

          151d3dd41927003b9bba71c4c5c6a3794f3fc0c93ff405e3b1689949a6173aa0

          SHA512

          b3c86f7d97cefd176c7cb9fce3bdcdb644b96579099e5c69a68dcd097d61ee957b9d06d9b26df518d3f0e3b9b63c975626ff22e300c683d0107ea4cdea9beaaa

          Download Submit

        • memory/1704-0-0x0000000074970000-0x0000000074F1B000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1704-1-0x0000000074970000-0x0000000074F1B000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1704-2-0x00000000008E0000-0x0000000000920000-memory.dmp

          Filesize

          256KB

          Download

        • memory/1704-29-0x0000000074970000-0x0000000074F1B000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1704-30-0x0000000074970000-0x0000000074F1B000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/1704-31-0x00000000008E0000-0x0000000000920000-memory.dmp

          Filesize

          256KB

          Download

        • memory/1912-26-0x0000000000400000-0x00000000004C3000-memory.dmp

          Filesize

          780KB

          Download

        • memory/1912-14-0x0000000000270000-0x0000000000271000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2092-27-0x0000000000260000-0x0000000000261000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2092-28-0x0000000000400000-0x00000000004C3000-memory.dmp

          Filesize

          780KB

          Download

        • memory/2092-32-0x0000000000400000-0x00000000004C3000-memory.dmp

          Filesize

          780KB

          Download