General
-
Target
asdasd.exe
-
Size
658KB
-
Sample
240515-mclgjscg71
-
MD5
ecefb3fa66065b034e4acf115a9fc222
-
SHA1
12bfb10b27d1142ef559f3a810eebc30c129ce72
-
SHA256
4044c28177d02b837d74373bb085d8f6af1e1e6176d3cfb5ab41c71509b6dbe0
-
SHA512
095bcff7aedc51dc8485be592c950341504dadfd3d75e2b4c8601464aa4a0198e605860ccd712b214ff2f664743eeaaacb9db7817ed1b4a32415d564aa27ab97
-
SSDEEP
12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hz:uZ1xuVVjfFoynPaVBUR8f+kN10EBN
Malware Config
Extracted
darkcomet
Guest16
0.tcp.ap.ngrok.io:19777
DC_MUTEX-PE5B3PY
-
gencode
fUUBwrWR9BW4
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
asdasd.exe
-
Legitimate hosting services abused for malware hosting/C2
-