General
-
Target
6ed9ff5400c6d67dd68f7bdbb5842e72
-
Size
248KB
-
Sample
240122-f8x2wshdfp
-
MD5
6ed9ff5400c6d67dd68f7bdbb5842e72
-
SHA1
b5ad87074f158a42a45832fef59eac05ac50390b
-
SHA256
53f4ab940cb6d4b4139e87468285c2533b930373edda76d80f79ef6daa99c988
-
SHA512
82d91179ca9de6917eb289993e974b1ef0024f04632906233c010025589dfa1ca6e5ea54e271bfee2557451f588a1d441789f7dcb341335329a42997dc16a2da
-
SSDEEP
6144:XwT5O7pJmNB6dLY6dCnnsyZLHoaIyv6ocU/qxDS2xDWb3cw0:XP+NULZdCn3TbncU2D7Ab3
Behavioral task
behavioral1
Sample
6ed9ff5400c6d67dd68f7bdbb5842e72.exe
Resource
win7-20231215-en
Malware Config
Extracted
darkcomet
Guest16
stuck.zapto.org:22
DC_MUTEX-F54S21D
-
gencode
NKNzdqT5jz9W
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
6ed9ff5400c6d67dd68f7bdbb5842e72
-
Modifies firewall policy service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-