General
Target: 2accae5e44cff57a393096acc4fc48d1a293614e6d38cedc3aa039b382895ad0.exe
Size: 520KB
Sample: 250120-v2aqcazrfk
MD5: 136813dfba7fe74370ab7e949cc06ed7
SHA1: 4457524b1f2ea3eba432fc115ef2697bb8a96a5d
SHA256: 2accae5e44cff57a393096acc4fc48d1a293614e6d38cedc3aa039b382895ad0
SHA512: 4f77977ac98dc402ee6ca4e24b233cbc66f11d59b817f895b81d6193cedbbb72bff9e6a619021460f48e9d05b4efd0039cbe50bbe535e8dbbb3d1a9bb2269b73
SSDEEP: 6144:f9GGo2CwtGg6eeihEfph2CMvvqqSaYwpncOeC66AOa0aFtVEQfTo1ozVqMbB:f9fC3hh29Ya77A90aFtDfT5IMbB
Static task
static1
Behavioral task
behavioral1
Sample
2accae5e44cff57a393096acc4fc48d1a293614e6d38cedc3aa039b382895ad0.exe
Resource
win7-20240903-en
Malware Config
Extracted
darkcomet
PrivateEye
ratblackshades.no-ip.biz:1604
DC_MUTEX-ACC1R98
gencode: 8GG5LVVGljSF
install: false
offline_keylogger: true
persistence: false
Targets
Darkcomet family
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext