General

  • Target

    NEW PO.PDF.Z

  • Size

    846KB

  • Sample

    230719-mk8xtadc4x

  • MD5

    bd4a8a91a168adf7b4beacce618c0438

  • SHA1

    151ac594efa44ef5b6caea6cf5fa061edb82f653

  • SHA256

    55bb1002104a85a9dbaa1ae0853aff09783f37eab7f1e87a8ce7f40652673138

  • SHA512

    4019752bc006da2711648998656b0a46b056cd7b72563837e58e55f5e88df40235ada7eaeaab472830144105b806644bc813342b79c4f18188d2757cdf54ba73

  • SSDEEP

    24576:Inu8Y7cZEtq4cNoGN+8GVoUD1q0eVt64reP4m:vAeUj+8QplKi

Score
10/10

Malware Config

Extracted

Family

darkcloud

Targets

    • Target

      NEW PO.exe

    • Size

      907KB

    • MD5

      1dc6a4dd8ac552c5bb6aa2f12d83926b

    • SHA1

      3c06b68bc42bc79523815d47af13b6b69be6946a

    • SHA256

      295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87

    • SHA512

      d140fef3db69539e755366cd7ff94e8df5a475093012732ba243d886b664cdb726a726cb4c5e60f8c1e36f2829fddd193413b27b2ea8f2ef5a86b5b4ff346a04

    • SSDEEP

      24576:2PYPgrtqyNZPoFJhdK/FtzVOCie84PPtU+e:2w2qyNZAgMH4PPtg

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
