General

  • Target

    tmp

  • Size

    984KB

  • Sample

    230503-mss7bsec97

  • MD5

    2fecbf0f723458decf3c8372457fad00

  • SHA1

    832c244980b0416fcdfcacd4395ba551b6ab69c6

  • SHA256

    e0e6e09142251c9f332d1e196c346ffc91e029a73935877ebaea34a78533c916

  • SHA512

    713b7c0a344a299f2d46935ace87e5c36762cbb98e8478ff01c7bdbd7bdcd1ab67ba575fb816f7e707a643e9fcf55f56940d635ce1bef6dbb1e520ce2b1701fc

  • SSDEEP

    24576:/f1YLhoTDEz9eIBlxniSC7Mq/XRq6Wys:na9ovEz9eYldnCwqPR

Score
10/10

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot5910132523:AAEKRc8fOn4WgyrXgHzd8WfRx78_lEgkCaI/sendMessage?chat_id=5877439820

Targets

    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
