General
-
Target
6cf58f2368c142d395158035df22bd24
-
Size
662KB
-
Sample
240121-lheqhsadhk
-
MD5
6cf58f2368c142d395158035df22bd24
-
SHA1
c200e4409d85d65aa6383ee38ac76f07f4ce7a6e
-
SHA256
50b3f90c2f5e44a2f6bd23b370971fa620ef0928d96130f260801d168d72470d
-
SHA512
22c825e68f7335892048a91b938a86ad6ac91c0f1fe40f2f08c5e709628cbf1dcaadc88935a87da2089203f4cd7f9bca1e34450a5a97712e807ee2a490028502
-
SSDEEP
12288:U3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/Ri:COA4aWNn/m09fKIaaBEtWq3A1Ov8Jgb4
Behavioral task
behavioral1
Sample
6cf58f2368c142d395158035df22bd24.exe
Resource
win7-20231215-en
Malware Config
Extracted
darkcomet
Guest16
lemssallek.zaptoo.org:1604
DC_MUTEX-F54S21D
-
gencode
f39UAqTQbNg7
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-