General

  • Target

    bd27cbc240d8bea866f8a23dc3486a3ad15da910f51709865ce68ea612fb2b1e

  • Size

    389KB

  • MD5

    af990d48325878afb6efad6c44f9ebeb

  • SHA1

    3c4a3c04d8d78211635d5785985e50677deff0c9

  • SHA256

    bd27cbc240d8bea866f8a23dc3486a3ad15da910f51709865ce68ea612fb2b1e

  • SHA512

    67f958720d3e3b7288925f98d2172f385acda88c7cda727f8a253505f7c1194a7f93d4c742c7bc552380124ebe8c7ace068a9774c80bfc6b0de6920f6f224432

  • SSDEEP

    6144:L1/zwRQX0dH6rIV0mMMICwZv3r1bRKl0X67sle1a39xxkCTDyme2OJJaYK:L1zWavp/pdpRKl0q7skCF1TD6FXK

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-Z5HMAL1

Attributes
  • gencode

    L2p2T15qZDML

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bd27cbc240d8bea866f8a23dc3486a3ad15da910f51709865ce68ea612fb2b1e
    .zip

    Password: infected

  • 079d1841d6f0fde132f810937d247226410bbc239141493df978da344060f030.exe
    .exe windows:4 windows x86 arch:x86

    e5b4359a3773764a372173074ae9b6bd
