General

  • Target

    25fd5bffe980f3b72d65e21d15a86053.bin

  • Size

    803KB

  • Sample

    230503-bmhymadb98

  • MD5

    4cb9487e28551c43b86242fd088cd854

  • SHA1

    32098e43801132fcb1ab7e26d2a5d88adf5f83d1

  • SHA256

    944324670af9eee1dc348d1376b4acfcaa8fb5de7e16beaf5aa2c58973d0a252

  • SHA512

    e45c2f9a546644ef92fe400049c30c6a8c7b6f58b7860d29aed8f3dcfaa6b78f42b7e9b426a8fde132bb7f2951a31992ca9ef67e8848f935c6a1a4784413e96f

  • SSDEEP

    24576:qTcVTKWL2EH8jrVMetTALKQ0DOT7NC0nko:qcVH8MetTAl0CnNJP

Score
10/10

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot6220925905:AAFbd3Et4YQi4C1WTvNkPbMsAOdz5c8giT0/sendMessage?chat_id=5463149861
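The extracted C2 is not a server the operator controls but a Telegram Bot API endpoint: the URL embeds a bot token (`<bot id>:<secret>`) and the `chat_id` that receives the stolen data. Both are stable hunting keys, and the token is a credential that should be masked before the indicator is shared. The following is an added example written for this page, not code from the sandbox or from the DarkCloud sample. It pulls Telegram bot endpoints out of a list of strings, builds a redacted indicator, and triages proxy-log lines against the bot id. The only real value in it is the C2 URL from the report above; the surrounding strings and log lines are constructed, and the 30-45 character secret length is an assumption based on the token format seen in practice.

```python
"""Extract Telegram Bot API C2 indicators from a sample's strings.

Added example for this report page. The C2 URL is the one listed in the
extracted DarkCloud config; every other string and log line is constructed.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple
from urllib.parse import parse_qs

# Token shape is "<numeric bot id>:<secret>". The secret alphabet and the
# 30-45 character length bound are assumptions from tokens seen in practice,
# not a documented Telegram guarantee.
TELEGRAM_BOT_URL = re.compile(
    r"https?://api\.telegram\.org/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]{30,45})"
    r"/(?P<method>[A-Za-z]+)(?:\?(?P<query>[^\s'\"<>]*))?"
)

# Constructed strings output; only the Telegram URL comes from the report.
SAMPLE_STRINGS = [
    "MSVBVM60.DLL",                                   # constructed filler
    "https://api.telegram.org/bot6220925905:AAFbd3Et4YQi4C1WTvNkPbMsAOdz5c8giT0/sendMessage?chat_id=5463149861",
    "SetThreadContext",                               # constructed filler
    "https://api.telegram.org/bot6220925905:AAFbd3Et4YQi4C1WTvNkPbMsAOdz5c8giT0/sendMessage?chat_id=5463149861",
]

# Constructed proxy-log lines: a TLS CONNECT (host only), a TLS-inspected
# request carrying the full path, and an unrelated request.
PROXY_LINES = [
    "2023-05-03T12:00:01Z 10.0.0.15 CONNECT api.telegram.org:443 200",
    "2023-05-03T12:00:02Z 10.0.0.15 GET https://api.telegram.org/bot6220925905:AAFbd3Et4YQi4C1WTvNkPbMsAOdz5c8giT0/sendMessage?chat_id=5463149861 200",
    "2023-05-03T12:00:03Z 10.0.0.16 GET https://example.com/ 200",
]


@dataclass(frozen=True)
class TelegramC2:
    url: str
    bot_id: str
    token: str
    method: str
    chat_id: Optional[str]

    def redacted(self) -> str:
        """Shareable form: keeps the bot id as a hunting key, masks the secret."""
        return self.url.replace(self.token, f"{self.bot_id}:<redacted>")


def extract_telegram_c2(strings: Iterable[str]) -> List[TelegramC2]:
    """Return the unique Telegram Bot API endpoints found in the strings."""
    found: List[TelegramC2] = []
    seen = set()
    for s in strings:
        for m in TELEGRAM_BOT_URL.finditer(s):
            url = m.group(0)
            if url in seen:          # the same URL usually appears several times
                continue
            seen.add(url)
            params = parse_qs(m.group("query") or "")
            found.append(TelegramC2(
                url=url,
                bot_id=m.group("bot_id"),
                token=f"{m.group('bot_id')}:{m.group('secret')}",
                method=m.group("method"),
                chat_id=params.get("chat_id", [None])[0],
            ))
    return found


def triage_proxy_lines(lines: Iterable[str], known_bot_ids) -> List[Tuple[str, str]]:
    """Flag api.telegram.org traffic; escalate when a known bot id is visible.

    Host-only hits are only medium: organisations that use Telegram produce
    them legitimately, and a plain CONNECT never shows the path.
    """
    hits = []
    for line in lines:
        if "api.telegram.org" not in line:
            continue
        severity = "high" if any(f"/bot{b}:" in line for b in known_bot_ids) else "medium"
        hits.append((severity, line))
    return hits


if __name__ == "__main__":
    indicators = extract_telegram_c2(SAMPLE_STRINGS)
    for c2 in indicators:
        print(f"bot_id={c2.bot_id} chat_id={c2.chat_id} method={c2.method}")
        print(f"share as: {c2.redacted()}")
    for severity, line in triage_proxy_lines(PROXY_LINES, {c.bot_id for c in indicators}):
        print(severity, line)
```

Block api.telegram.org at the egress proxy only after confirming the organisation does not rely on it; otherwise hunt on the bot id and chat_id, which survive a token rotation of the secret far less often than the URL host does.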

Targets

    • Target

      b8a62f112c6160c5830015208c34e95772aa2f2620dd27166033b57d130e89da.exe

    • Size

      948KB

    • MD5

      25fd5bffe980f3b72d65e21d15a86053

    • SHA1

      2333114042ebe36adda1af09927783c0aea37d69

    • SHA256

      b8a62f112c6160c5830015208c34e95772aa2f2620dd27166033b57d130e89da

    • SHA512

      9f71d6cd0f387deff7e5c255d0c696705638b360bfa6439012f9f494af769d197fe961cb1a94e378ae026634de9473a19a9c5d01d40b3332abf04086fd2e4410

    • SSDEEP

      24576:mmuKSNK6uN3I7n19slVx61e0JRo4objEOHLnv+1x:mmuRwH2OY1AXnXzg

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext

      Behavioural signature: the sample set the thread context of another process. Together with a child process created in a suspended state, this is the classic process-hollowing step (the entry point is redirected to injected code). Debuggers use the same call legitimately, so confirm against the process tree in the task output before treating it as conclusive.

MITRE ATT&CK Matrix

Tasks