General

  • Target

    NEW PO.exe

  • Size

    907KB

  • Sample

    230720-p7gg7ahb7v

  • MD5

    1dc6a4dd8ac552c5bb6aa2f12d83926b

  • SHA1

    3c06b68bc42bc79523815d47af13b6b69be6946a

  • SHA256

    295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87

  • SHA512

    d140fef3db69539e755366cd7ff94e8df5a475093012732ba243d886b664cdb726a726cb4c5e60f8c1e36f2829fddd193413b27b2ea8f2ef5a86b5b4ff346a04

  • SSDEEP

    24576:2PYPgrtqyNZPoFJhdK/FtzVOCie84PPtU+e:2w2qyNZAgMH4PPtg

Score
10/10

Malware Config

Extracted

Family

darkcloud

Targets

    • Target

      NEW PO.exe

    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
