General

  • Target

    Swift Copy.Pdf.z

  • Size

    846KB

  • Sample

    230719-l5dfzacd94

  • MD5

    530773a29b9c64b88a34f74c45c0f5d1

  • SHA1

    2b9a17a782a4d0f94602a82cd60cd938f8541794

  • SHA256

    57c64f399d5f4ac7b0a981eb0ee76e690eb3f4fff95643b904a5061dba0ea517

  • SHA512

    7f5e49bbd4f48e0104ef39e17862a2ae27f87e1b4541d73e0cae246811885dc579a35780dee162b543719a76471f71c45b764162765534654fc2947052feeafe

  • SSDEEP

    24576:rnu8Y7cZEtq4cNoGN+8GVoUD1q0eVt64reP4e:qAeUj+8QplKC

Score
10/10

Malware Config

Extracted

Family

darkcloud

Attributes

Targets

    • Target

      Swift Copy.exe

    • Size

      907KB

    • MD5

      1dc6a4dd8ac552c5bb6aa2f12d83926b

    • SHA1

      3c06b68bc42bc79523815d47af13b6b69be6946a

    • SHA256

      295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87

    • SHA512

      d140fef3db69539e755366cd7ff94e8df5a475093012732ba243d886b664cdb726a726cb4c5e60f8c1e36f2829fddd193413b27b2ea8f2ef5a86b5b4ff346a04

    • SSDEEP

      24576:2PYPgrtqyNZPoFJhdK/FtzVOCie84PPtU+e:2w2qyNZAgMH4PPtg

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
