General
-
Target
3d1072986b88dc6184e40ba0df6acfc2.bin
-
Size
1.5MB
-
Sample
230506-b51ldshg3y
-
MD5
3962efb4e3c2f50de3bd0c4ef9ebb471
-
SHA1
d1019aeebddda89441479f1d0b4d1b7124d82cb9
-
SHA256
bb7b7de5736ff17b431e23759c77be1f5aecd12784ce5c81b49aef87370d87d5
-
SHA512
94f83a462d80be6c9aa4e4bce69c92d775edec8fb2a5e37865a6564f2fb92d7336f7eceb947688a534dcaada5add36c2dc220e365a9ac600c8752ce93dee826f
-
SSDEEP
24576:pEqyK1AsTu9wqwFJB7mDCEy/WUSKbXwZi8dr08aJr+FUrsCzW4J3svocIP9:pEq/A1SXFJZQy/WBKDwMQQ84+KrsyW4T
Static task
static1
Behavioral task
behavioral1
Sample
8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.exe
Resource
win7-20230220-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot5955632087:AAGbHX-YygFpBeOiEaTfH9CY-2MMNrZcY48/sendMessage?chat_id=865011046
Targets
-
-
Target
8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5.exe
-
Size
1.6MB
-
MD5
3d1072986b88dc6184e40ba0df6acfc2
-
SHA1
3dced4443af3c9591c948c827ac5b02bd0d31029
-
SHA256
8992b94e147a940a1da05b11631e28202c50840902fa372690485b49c415e4b5
-
SHA512
6b072f7e1b617a1426faeffdc14b80259f2601f29f5df65953694917cfa9611379976424ec37ffe3d139f5abd1bff02146d968f6a47d96d57ab4de1bb32a626b
-
SSDEEP
24576:rPKokfY5HGAg4y2oLeeHlQFwSohxt3jIwYg94ZIgUZ8K5BEuww4sXpA5jp9DTS2I:LZWY5mz4yJSfu/9IwYgeJuw7sX0jpd
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-