General

  • Target

    4422d10b6d41c54487f2e72541ffccbbb0bc6f8e8328d409f5e9f6ebf1c5c54c.exe

  • Size

    488KB

  • Sample

    230725-mwnq1scb59

  • MD5

    3a7ab4ad6d9a36447689d25b84b8e341

  • SHA1

    1d5f6d004a7f200bfcb7262100e22b6cc52e5b6f

  • SHA256

    4422d10b6d41c54487f2e72541ffccbbb0bc6f8e8328d409f5e9f6ebf1c5c54c

  • SHA512

    30126cf0f447115b97ac7fa2f833c6879ef06f1dc92b0d8453285eac54880a147ee6968687039a99665a26258522a8b26fa171a5f3204314b74002c9ef60d4f0

  • SSDEEP

    12288:66nq9ahuwlWR7Gl9vzZ1dl/LxMrKCqJjYKkJj6GmZUN:vhVvl1dl/lMrK3xYb6nZS

Score
10/10

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot6392998330:AAEoU34KkrBXWdYsC0HHJhwWS-tXdCQBgic/sendMessage?chat_id=6386262734

Targets

    • Target

      4422d10b6d41c54487f2e72541ffccbbb0bc6f8e8328d409f5e9f6ebf1c5c54c.exe

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
