General

  • Target

    LEIDA IMPEX SRL TRADING CO.pdf.r00

  • Size

    841KB

  • Sample

    240123-n5xwqahhgm

  • MD5

    971e3fd8be9c8c387db74dd69a62cf7c

  • SHA1

    387bb0d3591eafdfbd233fb64d64c9c4418cec03

  • SHA256

    bd3975ecc26ab8656d2dff7ea510a1c4cbfe6d39bfc1dae97d96f9bd5d7f90cc

  • SHA512

    f72e4c40f5094a1caf428c0227e3037eb97767c1298d5265b465f047c75d37ce0b50592179afdc9e425dafcf447a0f85c1c9f316beaf55de7a3452b34d57c844

  • SSDEEP

    12288:qDlbOAoEJWYBelJuJhnTjXmd6g+uslLD3XuiPn25IfTudOE9sZmUgbyXquQ8uXcY:qDDleC/cqP3XBLTC8ZmUXXvXl+

Score
10/10

Malware Config

Extracted

Family

darkcloud

Targets

    • Target

      LEIDA IMPEX SRL TRADING CO.pdf.exe

    • Size

      885KB

    • MD5

      9d3bb60e68119b577c916a7681e052cc

    • SHA1

      9c2b2771f7421d52c4709940be32f0f30488ff7d

    • SHA256

      f746ed45af2d73fae31d7c7b26b365377aa7d8bc97a12b9583502797c71502f1

    • SHA512

      cccaba820db30b9cc1802e8c98cbb14495d3964eb8124998513f9b9479d54bc201801577343f2da09ee7a7ae6d8c2c6a7da07869c22d188aa6033c10eaf6601b

    • SSDEEP

      12288:EPT92iNPBJI3fHZgrKnE++cMC8A/jffuAt4fRSo8qJDpd7HZG1:Ox1xuf+rKnX+cMVQ3JaZSoXJD/HA

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
