General
Target: fdie.exe
Size: 349KB
Sample: 240407-k1emsshh54
MD5: 16fc0818c01b213c1dda3e2c6500b2b5
SHA1: 41782495122094490f024cfc7de8f75c4ea366a1
SHA256: 16c8b807fb271c9fa9257adecc6fedb9b43a7b3ca7e2bce2c5797a68f3895a75
SHA512: 1a373a5b02eb6389310240a2c51e64f084ba087f2628653806f70da726767a2ce9d6d57c23638825d082027369fc837cbacfa98531b5bbfac355034ab2e0bbf0
SSDEEP: 6144:FcNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37NRI2RwplSZkOiu9PZ/p:FcW7KEZlPzCy37NxRPNVR
Behavioral task: behavioral1
Sample: fdie.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fdie.exe
Resource: win10-20240404-en
Behavioral task: behavioral3
Sample: fdie.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
DC_MUTEX-Z0Y353G
gencode: TrmiFnKugxo0
install: false
offline_keylogger: true
persistence: false
Targets
Target: fdie.exe
Modifies firewall policy service
Modifies security service
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Drops file in Drivers directory