General

  • Target

    tmp

  • Size

    428KB

  • Sample

    230719-q6wfdsha91

  • MD5

    70462b94519e8f0354cdde7584e536ce

  • SHA1

    82216609abd57d9bb0b363d29c7456a7812b106e

  • SHA256

    ad9af6543f3eda2c556ad005fc4f5b3b3b5298f54312d1fda5354534903f55af

  • SHA512

    07885dc1bb6ffd32c80cdb2218d6e40e0b341f2ec97bc21e8834364d217c9198b2a95255420b40095e297ebb2f2b9dafb1e7058778c47f293cd42d7f007ca9b8

  • SSDEEP

    12288:/Y3DFejc4eN4rbwpN+Ftb4v3Gi2M/eXhjPC6cJ44MmSFJq:/Y3RwnbwpN6F4/gj1fe13Sq

Score
10/10

Malware Config

Extracted

Family

darkcloud

Attributes

Targets

    • DarkCloud

      An information stealer written in Visual Basic.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
