General

  • Target

    85ee2a8a959206f502ed044119b600878223e2c20468266fc330a9169a28dfb7N.exe

  • Size

    658KB

  • Sample

    250324-e1dgvawzbv

  • MD5

    14caff579a203804602c55bc2feed600

  • SHA1

    512b79d9ffe5cd44ddad8a18cced440578cb8ee4

  • SHA256

    85ee2a8a959206f502ed044119b600878223e2c20468266fc330a9169a28dfb7

  • SHA512

    3ccb6f604229435558b74314ea929453e98582f0c658cff6eb940049823ca2e6d9d5743d9fb60510042e4b7ad266d8e22a7bf1003b74760617d9976340895215

  • SSDEEP

    12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hE:WZ1xuVVjfFoynPaVBUR8f+kN10EB2

Malware Config

Extracted

Family

darkcomet

Botnet

onEstEnsamble

C2

88.99.61.194:5067

Mutex

DCMIN_MUTEX-A89V5VW

Attributes
  • gencode

    03TlA6qxpLlo

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

rc4.plain

