General

  • Target

    5b8d78968c989c9b1ab8eccf22fcd58e.bin

  • Size

    688KB

  • Sample

    240124-ckv1vagac8

  • MD5

    8aee21ba883f8afa473a17fbc4221e42

  • SHA1

    f8fe7edc634a806f7683645f1acaaa7f48afb340

  • SHA256

    5a92ad3e9f3034dcb57ef215c71f551c0ad46e888e69fcd4c09bc6592859a5e8

  • SHA512

    3b7ddcf9645348a3f25f9bef9e1b80b60d5b209b07ca935adefbb9be27ea68ab2ecf7790813c3102f37686421aff2f19c3bced62bc437b0f8e766d4a51c04568

  • SSDEEP

    12288:XWAgS8allOhquk+cuIkfAEu0GNbWKAzNxRdS5pudEiAvrUGZ0JiJ71Gk1NV5:mTYleq84Eu0GNLA5RSLudErvgTLk1NV5

Score
10/10

Malware Config

Extracted

Family

darkcloud

Targets

    • Target

      Q-Specification#107287.pdf (189K).scr

    • Size

      837KB

    • MD5

      d33e029670979b9b113f5e019fd7c89c

    • SHA1

      aa245e7abb445325d127a551a316b1d9c9d2aca7

    • SHA256

      1e7bec6e211e8cd375a52939396d844622a93c487758a9e6dae6ed8733ceda9e

    • SHA512

      8e50e4b3e775e93412b539fb062730f9b942031e9c13da018a189c60b92d1b2fe1dda9b8a30aba05a7997ed154bde4762ab251e56076cd64474f1464863a2742

    • SSDEEP

      12288:QvcfkIOldtSlQ5od3dI+6csqNpzZuV3NLrq0Wxjrx+dZjJD05I3J2Y:7fkrl2fdIvqgV3w/trx+pQcJD

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
