General

  • Target

    DHL AWB 38722187090.gz

  • Size

    803KB

  • Sample

    230822-rvkp7aec2z

  • MD5

    2e85a7ba3d019866ad44bf71ab51e7bb

  • SHA1

    f760dfc27a05cbc300b6fae846323bd541f42799

  • SHA256

    7aa2c7dddf4293f44c8d736721480bea6d539228da56a4151c52ba9bffc87f6e

  • SHA512

    ecf3c17b66b4e4d411c2cc6fc046fbc4bdb31edccf3be23c7dbf92c37f55367e85a52010caa8134958209a6d0f6bf2041950589f62d84ebccdda79fc4510619f

  • SSDEEP

    24576:5NfOZTCCe6L69qEP6QQK/H62afHY7Tzikn3e:urjEPpH62af4rDn3e

Score
10/10

Malware Config

Extracted

Family

darkcloud

Attributes

Targets

    • Target

      DHL AWB 38722187090.exe

    • Size

      914KB

    • MD5

      3232348d8f9aa98c80011580ae8d7c43

    • SHA1

      f7887c6ea74e9d435ea8a7764fca67cf388e7477

    • SHA256

      f2ae9306a48f1b446ce9467300267b864e8efe3f9e3b3d01da8bb89133140613

    • SHA512

      2728202d1d29ab4d13e3c5a77eaa5e95a1d5f39969bb260e05331b0828e4da3f242615c663ccf0a44f013f7edadc1581158506feb643c06e08b6f5b2891c956c

    • SSDEEP

      12288:H51qEww2d1mbTi5f6iB1YaZGMLxyAdLdE57Ry8iHs+t8PgaDZsoEJh3Y1EmXxDPJ:jqEw0CCiBDd6zBO8omiDotP1oMd

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
