darkcloud | 41fba72245a47fc97ba08382fb31a6cb58d8fe33a5098948dc45fde442732790 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41fba72245a47fc97ba08382fb31a6cb58d8fe33a5098948dc45fde442732790exe_JC.exe
Size

804KB
Sample

230804-rsz24abc69
MD5

18a92e23aba473ea087ea1d7a657d934
SHA1

7939d4ee66de909264064e089e3b8fbb1c9f1430
SHA256

41fba72245a47fc97ba08382fb31a6cb58d8fe33a5098948dc45fde442732790
SHA512

1f53907d3aaa85bb83342cd320573a9c4d9c3627dd7ab6dc8abeddb8147767614bc43dfdd6675797f83971633b3f61487d31e935b4c37ffc534f1ff4979a742a
SSDEEP

12288:NqKus0AXb2qSasZKWoOk7RT9B8b7XRMfPYlLBI2BgnpknPk1Ez9QP:MKrXaqhVf1w7XunYnI2B7kU9

Score

10^/10

darkcloud stealer

Malware Config

Extracted

Family

darkcloud

Attributes

email_from
[email protected]
email_to
[email protected]

Targets

- Target
  
  41fba72245a47fc97ba08382fb31a6cb58d8fe33a5098948dc45fde442732790exe_JC.exe
- Size
  
  804KB
- MD5
  
  18a92e23aba473ea087ea1d7a657d934
- SHA1
  
  7939d4ee66de909264064e089e3b8fbb1c9f1430
- SHA256
  
  41fba72245a47fc97ba08382fb31a6cb58d8fe33a5098948dc45fde442732790
- SHA512
  
  1f53907d3aaa85bb83342cd320573a9c4d9c3627dd7ab6dc8abeddb8147767614bc43dfdd6675797f83971633b3f61487d31e935b4c37ffc534f1ff4979a742a
- SSDEEP
  
  12288:NqKus0AXb2qSasZKWoOk7RT9B8b7XRMfPYlLBI2BgnpknPk1Ez9QP:MKrXaqhVf1w7XunYnI2B7kU9
Score

10^/10

darkcloud stealer
- DarkCloud
  An information stealer written in Visual Basic.
  stealer darkcloud
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

darkcloudstealer

behavioral2

darkcloudstealer