General

  • Target

    tmp

  • Size

    428KB

  • Sample

    230721-epaxksce91

  • MD5

    b43b5801afa9e2ce8e1d9405b2dc8c75

  • SHA1

    d883a98392c199c9b08fc2e8c23a85432dcc9f8c

  • SHA256

    3066a439584cb8ac9f984263cf8d651cefb737792066c2001cab9f0ead6d0b84

  • SHA512

    2a8a5c0f54a14490dfeaf77073fc00cd17bfc85a1a54b1bc3520b6747ba19c338182c127d73f274e64e27bec3c988d3f5d0840eeb268e84dcc531feed80b0840

  • SSDEEP

    6144:vYa6gQS2RkYttYZUNxXkFqsgdpFCw8F7kScyvPH1T1UYZy50CWB:vYWyRkYteUNCksXw8q0nhZu0Co

Score
10/10

Malware Config

Extracted

Family

darkcloud

Attributes

Targets

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
