General

  • Target: Invoice.exe.bin
  • Size: 956KB
  • Sample: 230505-zj8a4sgd21
  • MD5: ae39d887355354bbe63f6cec19518ec0
  • SHA1: 3c87093e3f49d666fec1c7e6c1dcd26527e49e9e
  • SHA256: c88dd07515cb029ada85020dfdc2e20768861c9f3c47855d5b07a62daa3381e7
  • SHA512: 409b51659d0105e126351ea02a80b24515123d70426a129eb8b4ec418d095b7a16ec1754ad8a4d8f68c2a7d299d97bb37a56badf3ec5e09fab5a2ea6e576e823
  • SSDEEP: 24576:5m0/34HuosqDIdxe/KhMangc1iO3+zXPqcT:MsIHVsqDCXnK2+zXPq2

Score
10/10

Malware Config

Extracted

  • Family: darkcloud
  • C2: https://api.telegram.org/bot5747177798:AAGv5MNvuUjtsZ9QlXMkdP6QssoMkGFSw6s/sendMessage?chat_id=805410216

Targets

    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks