General
-
Target
2.exe
-
Size
1.4MB
-
Sample
230508-qa5desce5z
-
MD5
fa6eefd769490dbd1ba36eb870226603
-
SHA1
50b600cf1b90502de2489759c214343eb669f899
-
SHA256
a27073fa1c77f7edd0c4c5eacc53465c141674be1d0f484165f0399b52ee631e
-
SHA512
28bdb6ad660cdba5d479de7e61ca1245cfcb1c8232d910e198be3df3ae5a6879479482080adb3af0532ff7ae6eda5a99bdb124ab25764bec79c7559ac2ea71d2
-
SSDEEP
24576:Hb81ccmG2TpGx72n4jduA8iH35maWZc5LU9o740oUH53rlHb4j:HbMcPG2Tgx7Y4jduAtH3Qa1UT0Zxlc
Static task
static1
Behavioral task
behavioral1
Sample
2.exe
Resource
win7-20230220-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot5955632087:AAGbHX-YygFpBeOiEaTfH9CY-2MMNrZcY48/sendMessage?chat_id=865011046
Targets
-
-
Target
2.exe
-
Size
1.4MB
-
MD5
fa6eefd769490dbd1ba36eb870226603
-
SHA1
50b600cf1b90502de2489759c214343eb669f899
-
SHA256
a27073fa1c77f7edd0c4c5eacc53465c141674be1d0f484165f0399b52ee631e
-
SHA512
28bdb6ad660cdba5d479de7e61ca1245cfcb1c8232d910e198be3df3ae5a6879479482080adb3af0532ff7ae6eda5a99bdb124ab25764bec79c7559ac2ea71d2
-
SSDEEP
24576:Hb81ccmG2TpGx72n4jduA8iH35maWZc5LU9o740oUH53rlHb4j:HbMcPG2Tgx7Y4jduAtH3Qa1UT0Zxlc
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-