General
- Target: 0fbee246d15b6edd2dda915775e95d6b50afeede3f532f8e938ada928031b5ddN.exe
- Size: 3.8MB
- Sample: 241201-ycxelavjcj
- MD5: 10372f7dac078227c18a03af76ae7b80
- SHA1: 5588b19f0b94b96954f3244548ae92dd83f275fd
- SHA256: 0fbee246d15b6edd2dda915775e95d6b50afeede3f532f8e938ada928031b5dd
- SHA512: cae544c65bbb86878e476aea2fb1d7c843cd737625780999dc2b9143ea55deb8a3dcfa0bff4a0f0b880402417843770322247f576b9e84bd56750a47abefe9df
- SSDEEP: 98304:3i4hTLOMtHDMlANqnfVGPyhcMYg4lSiSLCQrdGLcjFjj/eWKS5h7EleIljztU/qg:3i4hTLOMtHDMlANqnfVGPyhcMYg4lSii
Behavioral task: behavioral1
- Sample: 0fbee246d15b6edd2dda915775e95d6b50afeede3f532f8e938ada928031b5ddN.exe
- Resource: win7-20240903-en
Malware Config
Targets
- Target: 0fbee246d15b6edd2dda915775e95d6b50afeede3f532f8e938ada928031b5ddN.exe
- Darkcomet family
  DarkComet is a remote access trojan (RAT). The classification comes from the sandbox's signature match; no configuration was extracted on this page.
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up the country code configured in the registry, likely for geofencing.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  A Run key entry is executed at every logon and is a common persistence mechanism.
- Suspicious use of SetThreadContext
  Setting the thread context of another process, typically a child created suspended, is the hallmark of process hollowing (RunPE): a payload is written into the suspended process and its entry point redirected before the thread is resumed.
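The signatures above are the sandbox's summary of an API trace. As an added example (not part of the report or of any sandbox's own code), the script below replays a constructed trace in a simplified "pid api key=value ..." form and maps it onto five of the signatures listed: the two registry checks, the dropped-EXE execution, the Run key persistence, and the SetThreadContext hollowing sequence. The registry locations (HKLM\HARDWARE\DESCRIPTION\System for BIOS strings, HKCU\Control Panel\International\Geo\Nation for the country code, the CurrentVersion\Run key) and the trace format are assumptions: the report does not say which keys this sample touched. A second process in the trace calls SetThreadContext on its own thread and reads an unrelated key, to show that the sequence check does not fire on a lone call.

```python
"""Replay a constructed API trace and map it onto the sandbox signatures listed in this report."""
import re
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# Registry locations conventionally behind the three registry-based signatures. Assumption: the
# report does not list the exact keys this sample touched, so these are the usual locations
# such signatures key on, not values recovered from the sample.
BIOS_KEY_PREFIX = r"hklm\hardware\description\system"      # SystemBiosVersion, VideoBiosVersion, BIOS subkey
GEO_KEY_PREFIX = r"hkcu\control panel\international\geo"    # Nation = configured country code
RUN_KEY_FRAGMENT = r"\software\microsoft\windows\currentversion\run"

# Call order that constitutes a process-hollowing (RunPE) sequence against one target process.
HOLLOWING_SEQUENCE = ("CreateProcessW", "WriteProcessMemory", "SetThreadContext", "ResumeThread")

# Constructed trace (not from the sandbox page). pid 1000 plays the sample; pid 3000 is a benign
# control that calls SetThreadContext on its own thread and reads an unrelated key.
SAMPLE_TRACE = r"""
1000 RegOpenKeyExW key=HKLM\HARDWARE\DESCRIPTION\System
1000 RegQueryValueExW key=HKLM\HARDWARE\DESCRIPTION\System value=SystemBiosVersion
1000 RegQueryValueExW key=HKCU\Control Panel\International\Geo value=Nation
1000 CreateFileW path=C:\Users\user\AppData\Local\Temp\dropped.exe access=GENERIC_WRITE
1000 CreateProcessW image=C:\Users\user\AppData\Local\Temp\dropped.exe flags=CREATE_SUSPENDED pid=2000
1000 WriteProcessMemory pid=2000 base=0x400000 size=0x3a000
1000 SetThreadContext pid=2000 tid=2001
1000 ResumeThread pid=2000 tid=2001
1000 RegSetValueExW key=HKCU\Software\Microsoft\Windows\CurrentVersion\Run value=Updater data=C:\Users\user\AppData\Local\Temp\dropped.exe
3000 RegQueryValueExW key=HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer value=ShellState
3000 SetThreadContext pid=3000 tid=3001
"""

Event = Tuple[str, str, Dict[str, str]]
# key=value pairs; a value runs until the next " name=" or end of line, so paths with spaces survive.
ARG_RE = re.compile(r"(\w+)=(.*?)(?=\s\w+=|$)")


def parse_trace(text: str) -> List[Event]:
    """Turn each non-empty trace line into (pid, api, {arg: value})."""
    events: List[Event] = []
    for line in text.splitlines():
        parts = line.strip().split(" ", 2)
        if len(parts) < 2:
            continue
        pid, api = parts[0], parts[1]
        args = dict(ARG_RE.findall(parts[2])) if len(parts) == 3 else {}
        events.append((pid, api, args))
    return events


def classify(events: List[Event]) -> Dict[str, List[str]]:
    """Map trace events onto signature names; returns {signature: [evidence, ...]}."""
    hits: Dict[str, List[str]] = defaultdict(list)
    written: Set[str] = set()            # files the traced process wrote (candidate drops)
    hollow_step: Dict[str, int] = {}     # target pid -> next expected index in HOLLOWING_SEQUENCE
    for pid, api, args in events:
        key = args.get("key", "").lower()
        value = args.get("value", "")
        where = f"pid {pid}: {api} {key}" + (f"\\{value}" if value else "")
        if api.startswith(("RegOpenKey", "RegQueryValue")):
            if key.startswith(BIOS_KEY_PREFIX):
                hits["Checks BIOS information in registry"].append(where)
            if key.startswith(GEO_KEY_PREFIX):
                hits["Checks computer location settings"].append(where)
        elif api.startswith("RegSetValue") and RUN_KEY_FRAGMENT in key:
            hits["Adds Run key to start application"].append(where + f" = {args.get('data', '')}")
        elif api == "CreateFileW" and "GENERIC_WRITE" in args.get("access", ""):
            written.add(args.get("path", "").lower())
        elif api == "CreateProcessW":
            image = args.get("image", "").lower()
            if image in written:
                hits["Executes dropped EXE"].append(f"pid {pid}: spawned {image}")
            if "CREATE_SUSPENDED" in args.get("flags", ""):
                hollow_step[args.get("pid", "")] = 1   # suspended child: watch for the rest
        elif api in HOLLOWING_SEQUENCE:
            # Only advance when the call arrives in the expected order for that target process.
            target = args.get("pid", "")
            step = hollow_step.get(target, 0)
            if step and HOLLOWING_SEQUENCE[step] == api:
                hollow_step[target] = step + 1
                if step + 1 == len(HOLLOWING_SEQUENCE):
                    hits["Suspicious use of SetThreadContext"].append(
                        f"pid {pid}: hollowing sequence completed against pid {target}")
    return dict(hits)


if __name__ == "__main__":
    for signature, evidence in classify(parse_trace(SAMPLE_TRACE)).items():
        print(signature)
        for line in evidence:
            print("   ", line)
```

The registry reads can only be seen by an API-hooking or ETW-based monitor such as the sandbox that produced this report; Sysmon logs registry key creation, deletion, value sets and renames, not reads, so on an endpoint the BIOS and Geo lookups would not appear in Sysmon data, while the Run key write (Sysmon event 13) and the dropped-file execution would. The hollowing check is deliberately stateful: a SetThreadContext call on its own is not evidence, the suspended-create, remote write, context change and resume against the same target are.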