General
-
Target
CTR00220720220047BSignsig.exe
-
Size
7.9MB
-
MD5
fadcc3eb14d9b6dfbf94598757c7fa3d
-
SHA1
9235076e554ff32812edbea18a4e6a6bddd0d191
-
SHA256
9cbc823497764e2adb9ee790dc825e81dac4098283cac91ee0db9e67b927789f
-
SHA512
a22444c90dacc1c6a85ae9b9b6a8062f059113637ccf96dc92d0850701ff3cc97bdf8da0e06a2e13803fb13aa2f7272d35ccb25e7c8ff0d780e7ac57ede95ddc
-
SSDEEP
98304:itluDcQQfieNAOJx6He1227F7/4Ectz3UFm6MPgeBjJwM4Qywudsc747c0H44qnw:ibuDVJeNJJqeugwud7lM0ZVc/fp
Score
10/10
Malware Config
Extracted
Family
darkcloud
C2
https://api.telegram.org/bot5646594587:AAFLtqpAq5c975sh1G5rvvfsgxXFzA9Q8h0/sendMessage?chat_id=5527518337
Signatures
-
Darkcloud family
-
Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
CTR00220720220047BSignsig.exe
Headers
Sections