Overview

overview

10

Static

static

3

Factura 1572023.exe

windows7-x64

10

Factura 1572023.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Factura 1572023.exe

  • Size

    892KB

  • Sample

    230707-sylmbsaa45

  • MD5

    4f310117d805982c98ab5f72b9d57226

  • SHA1

    9b5893de7d40ec9383440baa7a05afc557e58a1d

  • SHA256

    9c107eb970d14a5cb4e2232970451d0192b13bd87c7b231ac327bbafbacbb729

  • SHA512

    62ca489401a3feb56527d0bec1e79cf98f7228d59af1ab6ac03f3eca8345a49c8c4f8cba0f1fbdfc227bd83cc32fee801e3ef126b777d04f4e28d4b5094e9f57

  • SSDEEP

    24576:igjjk9YVRXPbYCwy7sRm6IvivgnwlLlMxleBpyeTV:HfVRXjxN7sRm6IagwlylCb

Score
10/10
darkcloudstealer

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot604988038:AAHbCIrKg0mPOZkWXVnoaV9KsVWEMxXjp0M/sendMessage?chat_id=2126102657

Targets

    • Target

      Factura 1572023.exe

    • Size

      892KB

    • MD5

      4f310117d805982c98ab5f72b9d57226

    • SHA1

      9b5893de7d40ec9383440baa7a05afc557e58a1d

    • SHA256

      9c107eb970d14a5cb4e2232970451d0192b13bd87c7b231ac327bbafbacbb729

    • SHA512

      62ca489401a3feb56527d0bec1e79cf98f7228d59af1ab6ac03f3eca8345a49c8c4f8cba0f1fbdfc227bd83cc32fee801e3ef126b777d04f4e28d4b5094e9f57

    • SSDEEP

      24576:igjjk9YVRXPbYCwy7sRm6IvivgnwlLlMxleBpyeTV:HfVRXjxN7sRm6IagwlylCb

    Score
    10/10
    darkcloudstealer

    • DarkCloud

      An information stealer written in Visual Basic.

      stealerdarkcloud

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks