General

  • Target

    OrdemdeCompra.exe.bin

  • Size

    1.0MB

  • Sample

    230505-zphbwaeb93

  • MD5

    c041ea1db65b15853616addc268a5342

  • SHA1

    ff86b0e7c04739835f043da76dca91f8e49351a9

  • SHA256

    55182f40b8372c9d9b9f8d5d59ce387b19acb5e355af6a40a6bfbb0bf64bd31f

  • SHA512

    85201389170c4fe57d55a3e8b4e9cacecd13bf954ebd3659dfcbe957c75bf227173aa3d2d6f45e852973ba69ff7c582f7000bf66a8f20f5b8fa0dcec1cd95d39

  • SSDEEP

    24576:yjCFyy3LuJCKhieUHU03chggmYBKtBp6F:yyyy33GinHC/dBKt

Score
10/10

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot5747177798:AAGv5MNvuUjtsZ9QlXMkdP6QssoMkGFSw6s/sendMessage?chat_id=805410216

Targets

    • Target

      OrdemdeCompra.exe.bin

    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
