Analysis
-
max time kernel
141s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system -
submitted
24-01-2024 14:02
Behavioral task
behavioral1
Sample
63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe
Resource
win7-20231215-en
3 signatures
150 seconds
General
-
Target
63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe
-
Size
431KB
-
MD5
8d58433f19119d601a6a8f1430026598
-
SHA1
e7a2d1f1e12d11a055c8a27375356804b51f8e0e
-
SHA256
63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2
-
SHA512
559db1c502e0260bd3cf9ce18e499c9935c21093fe032e142f0197e621511f950cbe517020500bcf072411457ea4d8ecfbb85125c7bc7c0212e25adbe7bf7f25
-
SSDEEP
12288:eZsVxH05ZKUdcXUN71oyZZYo1+jYKkJj6GmZU:eZ6Hqt1oSZYoyYb6nZ
Malware Config
Extracted
Family
darkcloud
Attributes
- email_from
- email_to
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe
pid process
2236 63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe
pid process
2236 63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe
"C:\Users\Admin\AppData\Local\Temp\63bd4a94d37aa6aceab2c6d8423db403b9fd467b85e5c299f736b80e55f7ebf2.exe"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2236