General
-
Target
DarkComet v5.3.rar
-
Size
13.7MB
-
Sample
241208-efv66a1nfw
-
MD5
baef6cbef0f114ac72cb6d309e2cc1d0
-
SHA1
b6aee79d2797370090cba1eb1cbdb2c7aef01c0a
-
SHA256
58958e1762681ffa3c18fb4de3899d0f7056f6a820dc1befafb335efe06d4cda
-
SHA512
9f763127994d572aac91d166098c8b2f665d7832bf23ba718543de9758be43f75aa018d8e74840a1b2f9b754954aae00171c8500facbfbd5daeacbd65fe9c825
-
SSDEEP
393216:E9xjHesTgWJr2XCCPWNz0u/cVz83UmTuJsU27K7IrkoDA:Kj+SkCsWNYyc9oEB29o0A
Behavioral task
behavioral1
Sample
DarkComet v5.3/DarkComet.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
DarkComet v5.3/DarkComet.exe
-
Size
11.3MB
-
MD5
d761f3aa64064a706a521ba14d0f8741
-
SHA1
ab7382bcfdf494d0327fccce9c884592bcc1adeb
-
SHA256
21ca06b18698d14154a45822aaae1e3837d168cc7630bcd3ec3d8c68aaa959e6
-
SHA512
d2274c03f805a5cd62104492e154fc225c3f6997091accb2f4bff165308fc82ba0d9adf185ec744222bcb4ece08d1ba754a35a2d88c10c5743f4d2e66494377f
-
SSDEEP
196608:TPvqxSrDTVokQwhM/kSEMTQINokXJw7lW740VeqQPR:LCxSrFokQw2NjUYuWU0t
-
Darkcomet family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-