General

  • Target

    DBS.exe.bin

  • Size

    1004KB

  • Sample

    230505-yqh45adc9t

  • MD5

    663e1f29f1338e358edeaee26bb77078

  • SHA1

    3e2556091d7e3cce5f223683a3988ce43f116a10

  • SHA256

    cce0fc87653d2899c27efe1a7487411c0f0757a586719cdef444444c614ffe61

  • SHA512

    8a381bb328762f28d4bb24e73b79a94ccbadb812046c86d2a033e1696ab809d50ad38388f425c44cdadadc31958c919887c503d9dd63975091f90f93b48b6379

  • SSDEEP

    24576:wFd+IhmXkbXf6A36DP7j845NoQnlQ3epPxiCn7K5+ag:gTmYf6iN45vW3AiCn7KcH

Score
10/10

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot6297321364:AAGrqCx2JSNrLhdAS1lpDcwQJhzQ_stCOgM/sendMessage?chat_id=882017182

Targets

    • Target

      DBS.exe.bin

    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
