General

  • Target

    bdc9fa03150b08bd14d06c994f5d291e

  • Size

    658KB

  • MD5

    bdc9fa03150b08bd14d06c994f5d291e

  • SHA1

    e55517f4b36aacd990888c75158ed3fe319b12ff

  • SHA256

    43bfc71737bff97fad2484a55e501262e2b25a03aac1a200843f3222f3dcc9a4

  • SHA512

    391864de4bb581961b77b12d3e7247a37c0f11ebe120e41fc83f2513133459c2ea7543e566f84da35b6f86588ef891c96db9c671b9515571d3edc693b61f1a46

  • SSDEEP

    12288:+9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hu:KZ1xuVVjfFoynPaVBUR8f+kN10EBQ

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Kurban

C2

dghc.duckdns.org:6868

Mutex

DC_MUTEX-C66RVZ8

Attributes
  • gencode

    mrGdL8mQN2sD

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bdc9fa03150b08bd14d06c994f5d291e
    .exe windows:4 windows x86 arch:x86

    e5b4359a3773764a372173074ae9b6bd

