General

  • Target

    f3dc167f42277c7d1fe1d7a9864d7a058c71aa44f42a3ad278b750174bdd7557

  • Size

    326KB

  • Sample

    240417-pwvwfaha4s

  • MD5

    168237214eeedf00b28cf4d3a9363f71

  • SHA1

    69a30077b35662feb597912e0ad460ed14e1fad1

  • SHA256

    f3dc167f42277c7d1fe1d7a9864d7a058c71aa44f42a3ad278b750174bdd7557

  • SHA512

    a801f312f34809060d799916102247d723c031c34e1efbe1ff35ee1b371fcd69f1b26e02cf2214fa237312ba778b9605f6920d008bf6a65b79be39dfb577dfa0

  • SSDEEP

    6144:8XNkCHnuKYUr7XtP3kSZK2gu6djvhG5/4g36ax2Uz9Lo:8XqCOunqBfjg5/4u6ax2d

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Sazan

C2

dreamy-wildflower-77334.pktriot.net:22952

Mutex

DC_MUTEX-3E3TFM5

Attributes
  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    ZxS92vJY80dM

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Targets

    • Target

      f7d96d65f615fae58b42304a0e6c3e7fb4d4c07ac2c816a69a235e6fdf84db79.exe

    • Size

      732KB

    • MD5

      6cc5d7d4af0881b7302ab5a0cfb41673

    • SHA1

      f719787b0c5b09702e4d603ea0b999547f3b2eec

    • SHA256

      f7d96d65f615fae58b42304a0e6c3e7fb4d4c07ac2c816a69a235e6fdf84db79

    • SHA512

      f7f8f05eb17dced785404a1b1ce7df743ea917a496c3b176b69dfd95c544e91ddd9c6e30bc3c97946972bc70a41fa94060763d98f7f06f3a1e96e2b49480c0a6

    • SSDEEP

      12288:AcH9HGJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9EkMB/:BM1xuVVjfFoynPaVBUR8f+kN10E/

    Score
    1/10
