General
Target: 171081d695ecf0db8485b7e43cc6c040N.exe
Size: 324KB
Sample: 240722-1t4lcazfpf
MD5: 171081d695ecf0db8485b7e43cc6c040
SHA1: 31c898e6c145dcb7a3621e6c793d3d4518c88031
SHA256: faf79c3d3d8a5aa612dda3996cae5580d3f9ccf6ab68a9137dbd937f58bb1b65
SHA512: d219b49dca50fd9b50ac9267aa74ed9cac34675f39bd3c4f59f761aa98415423d8c62416dd501abe5e8cec5ca8e9089f046635b9c0a6b5871ce7c82424272650
SSDEEP: 6144:cvhFCYZdP5aHNn1s7C+3S4R5wQrV/YbZwZ3ssu4eqswN8s1Pf4NAGy5uRyXR6P+R:TQdwHNn1OCN4MQEZwUqsA
Static task: static1

Behavioral task: behavioral1
  Sample: 171081d695ecf0db8485b7e43cc6c040N.exe
  Resource: win7-20240704-en

Behavioral task: behavioral2
  Sample: 171081d695ecf0db8485b7e43cc6c040N.exe
  Resource: win10v2004-20240709-en
Malware Config
Extracted
Family: darkcomet
Botnet: Guest16
C2: betclock.zapto.org:35000
Mutex: DC_MUTEX-LCQCVNZ
gencode: MGDU5FhLNYez
install: false
offline_keylogger: true
password: 0123456789
persistence: false
Targets
Target: 171081d695ecf0db8485b7e43cc6c040N.exe
Size: 324KB
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext