General

  • Target

    DHL AWB TRACKING DETAILS.exe

  • Size

    837KB

  • Sample

    240122-lzhhqsdffr

  • MD5

    80b64000c05f3144658e05c696bae93c

  • SHA1

    6a0d78385a73d3e5357d124a2b67091d4b696889

  • SHA256

    ea399759fbd83f80066105ff45bba9e5f4d2756eded1a0bacdc0bdf32a283af2

  • SHA512

    fe21341b7a7826024cdc920157b1cb733aa7a9e610c01c49b55086284852bc8ab8d89a356c903e5cbab6d85fc6e2d6c388337900bff1695a9cd9771853a313e3

  • SSDEEP

    12288:0p1+IE+qwVpR/UUzfy1ZjQtnJN5ouG0DDZMeYxgpTCv8aAq0dbVGzRxTl:UVE9I7DG/jQRJ7x1MlxOJNedl

Score
10/10

Malware Config

Extracted

Family

darkcloud

Attributes

Targets

    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
