General
- Target: 1d0e911fab58ded2be33b6fe01bd49754dc45fa3564b61a93078b872ee0a1dde
- Size: 324KB
- Sample: 240730-x77ndayhle
- MD5: 32b849828ee6e240d562771b7e09fdcd
- SHA1: 2c701b47a58399459686bc9d3591f35d9bfcc001
- SHA256: 1d0e911fab58ded2be33b6fe01bd49754dc45fa3564b61a93078b872ee0a1dde
- SHA512: 064c1d215ced3da9539efc13076c04b8341b15a2e48f861fb73d7b5f5054a3fa3789ff9afdeaa2014a3f1b15d52d976fb582b4013aa716ba01ac56c46f783420
- SSDEEP: 6144:cvhFCYZdP5aHNn1s7C+3S4R5wQrV/YbZwZ3ssu4eqswN8s1Pf4NAGy5uRyXR6P+R:TQdwHNn1OCN4MQEZwUqsA
Static task
- static1
Behavioral task
- behavioral1: sample 1d0e911fab58ded2be33b6fe01bd49754dc45fa3564b61a93078b872ee0a1dde.exe, resource win7-20240708-en
Behavioral task
- behavioral2: sample 1d0e911fab58ded2be33b6fe01bd49754dc45fa3564b61a93078b872ee0a1dde.exe, resource win10v2004-20240730-en
Malware Config
Extracted
- Family: darkcomet
- Campaign ID: Guest16
- C2: betclock.zapto.org:35000
- Mutex: DC_MUTEX-LCQCVNZ
- gencode: MGDU5FhLNYez
- install: false
- offline_keylogger: true
- password: 0123456789
- persistence: false
Targets
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext