General
Target: 10e49103552351743df1d7529ed3d8334d16473b34667b9b342bfc8f90520e86
Size: 764KB
Sample: 240321-v7abrsde32
MD5: 7f4e4fd9b5d9815962707caf0f480ee6
SHA1: 7d308eca9af081101448f6298fa73934088e921c
SHA256: 10e49103552351743df1d7529ed3d8334d16473b34667b9b342bfc8f90520e86
SHA512: e368cb118efe05554c95c7cf69c2044e28a45ff0cd3803d02924f3a9fd1dde8f4f3a2ca8b9379fefcc76f8ffe952b15022fa78a86ddaa912e7bf8937a786cc46
SSDEEP: 12288:XjWf+Fsx9aVdKEIu9g2iSqklsjeBPJk3j9hSG/GQX/:Xi3OdKxF5Ilxo3jWqr/
Static task: static1
Behavioral task: behavioral1
Sample: 10e49103552351743df1d7529ed3d8334d16473b34667b9b342bfc8f90520e86.exe
Resource: win7-20240221-en
Malware Config
Extracted family: darkcomet
Campaign ID (DarkComet "SID"; Guest16 is the builder default): Guest16
C2: rhmanbinn.no-ip.biz:1604 (1604 is DarkComet's default port; no-ip.biz is dynamic DNS, so resolve the name at analysis time rather than relying on a historical IP)
Mutex: DC_MUTEX-D6CZ3Y2
gencode: h4vMzvxAMngd
install: false
offline_keylogger: true
persistence: false
Note: install and persistence are false in the extracted config, yet the behavioral run flagged "Adds Run key to start application". Treat the builder flags as a hint only and confirm persistence from the run's registry events.
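How fields like the ones above are typically recovered from an unpacked DarkComet sample, as an added example written for this report (it is not the sandbox's extractor nor DarkComet's own code). It assumes the documented DarkComet 5.x layout: an RC4-encrypted, hex-encoded blob whose plaintext is bracketed by the "#BEGIN DARKCOMET DATA --" / "#EOF DARKCOMET DATA --" markers and lists KEY={value} pairs (SID, NETDATA, MUTEX, GENCODE, INSTALL, OFFLINEK, PERSINST). The RC4 keys are the version-specific constants published in open-source extractors; the report does not state which build this sample is, so the key list, the marker strings and the field-to-label mapping are assumptions. SAMPLE_BLOB is constructed here from the report's own values so the code runs offline.

```python
"""Decrypt and parse a DarkComet-style config blob into the report's fields.

Added example for this report, not the sandbox's or DarkComet's code.
Assumptions: RC4 + hex encoding, the version keys below (from public
extractors; a build may also mix the operator's password into the key, which
is not handled), the BEGIN/EOF markers, and the KEY={value} field names.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Optional

# Version-specific RC4 keys as documented by public extractors (assumed).
KNOWN_KEYS = [
    b"#KCMDDC51#-890",   # 5.1
    b"#KCMDDC5#-890",    # 5.0
    b"#KCMDDC42F#-890",  # 4.2F
    b"#KCMDDC42#-890",   # 4.2
    b"#KCMDDC4#-890",    # 4.x
    b"#KCMDDC2#-890",    # 2.x / 3.x
]
BEGIN_MARKER = "#BEGIN DARKCOMET DATA --"   # assumed marker strings
END_MARKER = "#EOF DARKCOMET DATA --"


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). Encryption and decryption are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


@dataclass
class DarkCometConfig:
    campaign_id: str
    c2: str
    mutex: str
    gencode: str
    install: bool
    offline_keylogger: bool
    persistence: bool
    key_used: bytes


def parse_fields(plaintext: str) -> dict[str, str]:
    """Split DarkComet's KEY={value} lines into a dict."""
    return dict(re.findall(r"([A-Z0-9]+)=\{([^}]*)\}", plaintext))


def find_key(blob: bytes, keys=KNOWN_KEYS) -> Optional[bytes]:
    """Return the first key whose decryption carries the DarkComet marker, else None.

    None means wrong build, a password-derived key, or not a DarkComet blob at all;
    the caller must not trust fields parsed out of garbage."""
    for key in keys:
        if BEGIN_MARKER in rc4(key, blob).decode("latin-1"):
            return key
    return None


def extract_config(hex_blob: str, keys=KNOWN_KEYS) -> DarkCometConfig:
    """Decrypt a hex-encoded blob and map its fields to the report's labels."""
    blob = bytes.fromhex(hex_blob)
    key = find_key(blob, keys)
    if key is None:
        raise ValueError("no known key produced a DarkComet config block")
    f = parse_fields(rc4(key, blob).decode("latin-1"))

    def flag(name: str) -> bool:
        return f.get(name, "0") == "1"

    return DarkCometConfig(
        campaign_id=f.get("SID", ""),
        c2=f.get("NETDATA", ""),
        mutex=f.get("MUTEX", ""),
        gencode=f.get("GENCODE", ""),
        install=flag("INSTALL"),
        offline_keylogger=flag("OFFLINEK"),
        persistence=flag("PERSINST"),
        key_used=key,
    )


def build_sample_blob(key: bytes = KNOWN_KEYS[0]) -> str:
    """Constructed test input: the report's values in DarkComet's layout,
    RC4-encrypted under the given key and upper-case hex-encoded."""
    plaintext = "\r\n".join([
        BEGIN_MARKER,
        "MUTEX={DC_MUTEX-D6CZ3Y2}",
        "SID={Guest16}",
        "NETDATA={rhmanbinn.no-ip.biz:1604}",
        "GENCODE={h4vMzvxAMngd}",
        "INSTALL={0}",
        "OFFLINEK={1}",
        "PERSINST={0}",
        END_MARKER,
    ])
    return rc4(key, plaintext.encode("latin-1")).hex().upper()


SAMPLE_BLOB = build_sample_blob()

if __name__ == "__main__":
    print(extract_config(SAMPLE_BLOB))
```

On a real sample the blob is read from the unpacked image (the "UPX dump on OEP" artifact in this run) rather than constructed; the marker check is what tells a wrong-version key apart from a successful decryption, since RC4 happily produces output for any key.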
Targets
Target: 10e49103552351743df1d7529ed3d8334d16473b34667b9b342bfc8f90520e86 (the same file as in General above)
Signatures (behavioral1):
- UPX dump on OEP (original entry point): the sample is UPX-packed; the sandbox dumped the unpacked image once execution reached the original entry point.
- Adds Run key to start application: a Run registry key was written during the run, an autostart mechanism to check against the config's install/persistence flags above.
- Suspicious use of SetThreadContext: the thread context of another (typically suspended) thread was rewritten to point at new code, the step that characterises process hollowing and RunPE-style injection.