General
-
Target
e8412105090ad0e9d7d905b811afd4c055f69ed631b0b6de8fe34ffac23de890.exe
-
Size
718KB
-
Sample
241210-sns9esymat
-
MD5
7a59e4b586b19bb7e57799e71831bf30
-
SHA1
260639259b3781deaed92c9c63e196a3b9c100be
-
SHA256
e8412105090ad0e9d7d905b811afd4c055f69ed631b0b6de8fe34ffac23de890
-
SHA512
e233cf418db931990a8671b6e1c7e52dc2a7595cb77e913e98c9f2c2150e6b713012cd19f2487761a8e364e320af47741cf7ab53142fe9305d7491a8b76d747c
-
SSDEEP
12288:QL88mbu2rpKomPPijFbJ34tEZCgWSZkK5VdKbggPdOXwx6vwGpy30Yw6W:b8p2goysF4taCgVRdiNlOQF30V
Static task
static1
Behavioral task
behavioral1
Sample
e8412105090ad0e9d7d905b811afd4c055f69ed631b0b6de8fe34ffac23de890.exe
Resource
win7-20240903-en
Malware Config
Extracted
darkcomet
fo
127.0.0.1:1010
46.39.230.61:1010
DC_MUTEX-PR2UBLF
-
gencode
ovcHaFsW9bRT
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
e8412105090ad0e9d7d905b811afd4c055f69ed631b0b6de8fe34ffac23de890.exe
-
Darkcomet family
-
Modifies security service
-
Disables RegEdit via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-