Analysis
- max time kernel: 154s
- max time network: 162s
- platform: windows10-2004_x64
- resource: win10v2004-20231215-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 29-01-2024 09:24
Behavioral task: behavioral1
- Sample: 7950963b742a8b0d9f4e1fd6c642c8b8245a9dc668ce361c9f5390a86c8fd4af.exe
- Resource: win7-20231215-en
- 3 signatures
- 150 seconds
General
- Target: 7950963b742a8b0d9f4e1fd6c642c8b8245a9dc668ce361c9f5390a86c8fd4af.exe
- Size: 431KB
- MD5: d2c0fda1ece3cc90733e291661a10162
- SHA1: ec0ea1da845eda2dde1d04e8b715eb8396b4000e
- SHA256: 7950963b742a8b0d9f4e1fd6c642c8b8245a9dc668ce361c9f5390a86c8fd4af
- SHA512: cbc0510fe1781ca101e6fbad17ee6a7b27dc90431256e09ef688815428f6f1c59e64da32a6db55f234d6ba4ce093283aa4facb73bca44405e41e6e3a3d8d349f
- SSDEEP: 12288:fZsVxH05ZKUdcXUN71oyZZYo1+jYKkJj6GmZU:fZ6Hqt1oSZYoyYb6nZ
Malware Config
Extracted
- Family: darkcloud
- Attributes: email_from, email_to
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: pid 2528, process 7950963b742a8b0d9f4e1fd6c642c8b8245a9dc668ce361c9f5390a86c8fd4af.exe
- Suspicious use of SetWindowsHookEx (1 IoCs)
  Processes: pid 2528, process 7950963b742a8b0d9f4e1fd6c642c8b8245a9dc668ce361c9f5390a86c8fd4af.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\7950963b742a8b0d9f4e1fd6c642c8b8245a9dc668ce361c9f5390a86c8fd4af.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\7950963b742a8b0d9f4e1fd6c642c8b8245a9dc668ce361c9f5390a86c8fd4af.exe"
  PID: 2528
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx