General
-
Target
2024-01-26_6a801424860b7e86639254592bbc84b1_darkside
-
Size
145KB
-
Sample
240226-jd6mbsgf3z
-
MD5
6a801424860b7e86639254592bbc84b1
-
SHA1
6e5a6170260e06a00c90e975fe8c98489b7a0d03
-
SHA256
6fcee00c908b40aac5a7e50007f485fc35ebfbdc2ae6a6d5e0a1f37636caca75
-
SHA512
75740fd2f7094a1b9c55d84caf5ff620c888c3e13ce1ecb983c978e2f5dbaa07d4cae5d9cd5563f85e96cd027d11def5beb6fb6607b9dc219e67196fe0ebb92e
-
SSDEEP
3072:k6glyuxE4GsUPnliByocWep/YiIp6tcPS:k6gDBGpvEByocWe9YGu6
Behavioral task
behavioral1
Sample
2024-01-26_6a801424860b7e86639254592bbc84b1_darkside.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-01-26_6a801424860b7e86639254592bbc84b1_darkside.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-01-26_6a801424860b7e86639254592bbc84b1_darkside
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-