General

  • Target

    8a387ed7c415553e0b196cc91e975b4f1de4d9212f9f82aaccc5ebf2e68965a2

  • Size

    658KB

  • MD5

    8b6332828d48d0c640fc3bbe1120cfa9

  • SHA1

    6582266a29c36a3fb9f7bf157d465ff9843b4bef

  • SHA256

    8a387ed7c415553e0b196cc91e975b4f1de4d9212f9f82aaccc5ebf2e68965a2

  • SHA512

    07719e8a78c85fc14dfe74a47caf548a09fa112c56876455806562674bb27aaa8dc136fd40b67a8eaba961d53a4c9c3a6230637bafe49feb0a52defe8de48703

  • SSDEEP

    12288:29HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFZ:SiBIGkbxqEcjsWiDxguehC2SW

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-MLSJZEK

Attributes
  • gencode

    NzJ0ZsZsDhVk

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8a387ed7c415553e0b196cc91e975b4f1de4d9212f9f82aaccc5ebf2e68965a2
    .exe windows:4 windows x86 arch:x86

    8033c11f8a2fdfc317e8655120579933


