General

  • Target: 95a4dd3db43ef316cbb5b49a03bcc3b2.bin.bin
  • Size: 1.5MB
  • Sample: 230501-v4dvsaba5w
  • MD5: 65e03d52f4579b2799be2e3346a61428
  • SHA1: 61c50fc5c4c83e70360e08d62ef3c0191477625f
  • SHA256: fcdbdabc293e7dec5b58836026bd44a5fa8cb5af9fe8d86ff05c8faccd2f2d74
  • SHA512: 52d001b8fa417155bd226062a94e7b677fde2f5fde708ee2573c7621381e8b9fa66f39109135a12c0225805a369288d9d490489cdd5c385808494a8293a95f71
  • SSDEEP: 24576:Zszd+egIOMFTln3vwXhwR0GxBb8ku6UR0Vt3nkzGdVwE3gfo8MG/y/P0X7KyRx9/:OIedOipwXI0Gx13u073njUTRGf22o

Score
10/10

Malware Config

Targets

    • Target: 7a7d03e12cbbddbed5fb0eda66514036c3989897c2e3b0242a9768a97f3fe19e.exe
    • Size: 1.7MB
    • MD5: 95a4dd3db43ef316cbb5b49a03bcc3b2
    • SHA1: 4c4ba77fc007950852d3829666ecbe4cfc5d342d
    • SHA256: 7a7d03e12cbbddbed5fb0eda66514036c3989897c2e3b0242a9768a97f3fe19e
    • SHA512: 1e5bf96b8e0d2e818b88ee4e287ee5a4d97d529f85f408fdd78d67afa47c3baf5ed4e118e0ba5cd77236f210104dd42290ed5b2a1a3a22c6bcdc78f9fb71eb05
    • SSDEEP: 24576:1ylUXFiJS5aZh2e44NsqOwM1ghfJxmpq6nXCFRgumQGdtuy32KWTO:1y+E8ih2eWHNgh0yFiFFSylWTO

    Score: 10/10

    • DarkCloud: an information stealer written in Visual Basic.
    • Executes dropped EXE
    • Drops file in System32 directory
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks