General
-
Target
e3a163607c77078735e94a225f168dc8efac90e4c112fbaded3881459666fa63N
-
Size
3.8MB
-
Sample
241031-qdj7naxlew
-
MD5
9a730aeb6145bf3f87bb2da0906d2d80
-
SHA1
13b1dc7b06c67f149f27e8ad9021d768c46aebb7
-
SHA256
e3a163607c77078735e94a225f168dc8efac90e4c112fbaded3881459666fa63
-
SHA512
ff44c9d7428af82bfc759a3730dd20ec51a4614108f7dac944dfcc1d4fabdb07b8db8814aea980101c7e4668a30f3f2a16ed1f1a64bd276d7bd0a3eb0c094d4e
-
SSDEEP
98304:vJwakG4fYrq1HJvpliCQHawbzBbGSlaUEI96kdQDanpqHrO3ndI3/lL/v7zVwwXl:vJwakG4fYrq1HJvpliCQHawbzBbGSlaj
Behavioral task
behavioral1
Sample
e3a163607c77078735e94a225f168dc8efac90e4c112fbaded3881459666fa63N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Darkcomet family
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-