General
Target: 2025-07-04_d619b9e85e4a2102d94b2928b0efb9c8_amadey_black-basta_coinminer_darkcomet_elex_hijackloader_luca-stealer_stop
Size: 5.1MB
Sample: 250704-vmfytabn2v
MD5: d619b9e85e4a2102d94b2928b0efb9c8
SHA1: 7abf9bbd62cf2249532a0d3cbfa100aa0763c0ba
SHA256: 6d1250a0dade7fdf59435669d8e82a2043315438da5b6038658a469e0ad3eada
SHA512: da0e687220746d34227102706e00a1ca2416a42a51326a4512d597012865f07eb76d0ab3829063f083d0a45714b1c11a168c5c3b6ae344dc43f1f6ae799700b0
SSDEEP: 98304:olerjesRJ8YQU/A5qZiQmMrm1RF4P6CfUbtYa:frj578YQK5yHFc6CfUSa
Malware Config
Extracted
darkcomet
- gencode
- install: false
- offline_keylogger: false
- persistence: false
Targets
Target: 2025-07-04_d619b9e85e4a2102d94b2928b0efb9c8_amadey_black-basta_coinminer_darkcomet_elex_hijackloader_luca-stealer_stop
- Darkcomet family
- Detect Neshta payload
- Neshta: Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
- Neshta family
- Executes dropped EXE
- Adds Run key to start application
- Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory