General

  • Target

    Q-Specification#107287.pdf (189K).rar

  • Size

    688KB

  • Sample

    240122-xdf9bschc3

  • MD5

    5b8d78968c989c9b1ab8eccf22fcd58e

  • SHA1

    7d72d64188e21b3f8e94bcf8bcb36e5d8d90087b

  • SHA256

    bb05df923d78b810abb650a138f411f2ba5cc2ac628f76ed67cd7ea3254ca58d

  • SHA512

    f24183125f21c5544bbe450c35185111043cae844c98193f660ea1ba32408592e834e9421d4dc54ae6da289a7c1b33aead54d32cac9156bcd2929b89d52977dd

  • SSDEEP

    12288:SyVX3MJ02v+tmkJ4j0lYTMkrxYi2GsXWyxCqha6AvXVkokQZgvmJ8GrAK:SQA022HiFfmXBRMlkZKgVK

Score
10/10

Malware Config

Extracted

Family

darkcloud

Targets

    • Target

      Q-Specification#107287.pdf (189K).scr

    • Size

      837KB

    • MD5

      d33e029670979b9b113f5e019fd7c89c

    • SHA1

      aa245e7abb445325d127a551a316b1d9c9d2aca7

    • SHA256

      1e7bec6e211e8cd375a52939396d844622a93c487758a9e6dae6ed8733ceda9e

    • SHA512

      8e50e4b3e775e93412b539fb062730f9b942031e9c13da018a189c60b92d1b2fe1dda9b8a30aba05a7997ed154bde4762ab251e56076cd64474f1464863a2742

    • SSDEEP

      12288:QvcfkIOldtSlQ5od3dI+6csqNpzZuV3NLrq0Wxjrx+dZjJD05I3J2Y:7fkrl2fdIvqgV3w/trx+pQcJD

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
