General
-
Target
de065a8341b7a637be0107ceef17b4d7
-
Size
755KB
-
Sample
240325-psjzrsaf2x
-
MD5
de065a8341b7a637be0107ceef17b4d7
-
SHA1
9587a1c776cb833f0b012930b473f88bd1363062
-
SHA256
31a73247f851ee3026ea9d4037a210aa915d422dc6622e3df88af5b5b7e0579e
-
SHA512
378d6c8f123283f3a29a59d8f97b121df1b7d5a5a468d1555ebd616c2a78309493d568e4db7b499601518c04467601e9fa4dc30a8191c472289ba15a6c3eb41a
-
SSDEEP
12288:p5eGs/77oay7+D5y4eq6/Okz7+KP/GVHA/bORHPe59PW/b+LUM29yeI4SRcW:0UBaD44e5LP1bSenPN2OCW
Static task
static1
Behavioral task
behavioral1
Sample
de065a8341b7a637be0107ceef17b4d7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
de065a8341b7a637be0107ceef17b4d7.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
darkcomet
Guest16
142.4.223.94:443
DC_MUTEX-2N3MUT2
-
gencode
tlBxLk56TrBk
-
install
false
-
offline_keylogger
true
-
password
azerty123
-
persistence
false
Targets
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-