General
-
Target
9b057a1a962cbd14cc9cd2243525d3bf
-
Size
1.3MB
-
Sample
240214-hf657sbg21
-
MD5
9b057a1a962cbd14cc9cd2243525d3bf
-
SHA1
dea9c45fafa3bfd3b8c9dfa63958b3896d0f5773
-
SHA256
42d116a8708b11e0c457361674e92d9dcad99ee680e69ddd44e0c1b7798f60cf
-
SHA512
07ffb3a616dc63673065b4d8c95a5c27d20ce90ce55312a403d75d38a7ca80eefc72707cd5dc541b64c7b40e64993a607532ce963ff8db888addcf1bbd75469c
-
SSDEEP
12288:opU9b5pYXaiDT93Y3GliEB+VF1R89Q9Xxr/v/tF0ZS/iGDnl724MIc5JOa0EFmDi:Z9b43B3laV1n7qeryMsRVWQf7QTBztcX
Static task
static1
Behavioral task
behavioral1
Sample
9b057a1a962cbd14cc9cd2243525d3bf.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9b057a1a962cbd14cc9cd2243525d3bf.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
DC_MUTEX-F54S21D
-
gencode
JC94jarSGJfC
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
9b057a1a962cbd14cc9cd2243525d3bf
-
Size
1.3MB
-
MD5
9b057a1a962cbd14cc9cd2243525d3bf
-
SHA1
dea9c45fafa3bfd3b8c9dfa63958b3896d0f5773
-
SHA256
42d116a8708b11e0c457361674e92d9dcad99ee680e69ddd44e0c1b7798f60cf
-
SHA512
07ffb3a616dc63673065b4d8c95a5c27d20ce90ce55312a403d75d38a7ca80eefc72707cd5dc541b64c7b40e64993a607532ce963ff8db888addcf1bbd75469c
-
SSDEEP
12288:opU9b5pYXaiDT93Y3GliEB+VF1R89Q9Xxr/v/tF0ZS/iGDnl724MIc5JOa0EFmDi:Z9b43B3laV1n7qeryMsRVWQf7QTBztcX
Score10/10-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-