General
-
Target
6c50c8abafb090571b809b7e440760fb
-
Size
318KB
-
Sample
240121-eq156aecfq
-
MD5
6c50c8abafb090571b809b7e440760fb
-
SHA1
940400974cbe308babd859914b0f8158168a7d67
-
SHA256
987a459213fe3739f0b3a9599a965c98fd7ffe48217cb7051649767b5815a87d
-
SHA512
2e965287ef25056c6d9edd113ea87d72a674d90b01f9db97bf9092bb820bbd35cd8b125ba0593d73561f23f7916d3223322652a221258935d010ccd51f0f6878
-
SSDEEP
6144:TKjZy6NQ1xaIN8kUedSzx2ME5+b/LNWZR6c2r4/OQfUg8UW:yNQ/2kb35+nsoc2MRF
Malware Config
Targets
-
-
Target
6c50c8abafb090571b809b7e440760fb
-
Size
318KB
-
MD5
6c50c8abafb090571b809b7e440760fb
-
SHA1
940400974cbe308babd859914b0f8158168a7d67
-
SHA256
987a459213fe3739f0b3a9599a965c98fd7ffe48217cb7051649767b5815a87d
-
SHA512
2e965287ef25056c6d9edd113ea87d72a674d90b01f9db97bf9092bb820bbd35cd8b125ba0593d73561f23f7916d3223322652a221258935d010ccd51f0f6878
-
SSDEEP
6144:TKjZy6NQ1xaIN8kUedSzx2ME5+b/LNWZR6c2r4/OQfUg8UW:yNQ/2kb35+nsoc2MRF
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
HawkEye
HawkEye is a malware kit that has seen continuous development since at least 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-