General
-
Target
17543832d4d4e72c62da6172ad6bc8feae790669748b6c80b9aba08c992657da
-
Size
804KB
-
Sample
240417-r26w1aea3w
-
MD5
f24e49715706d741addffda1942898c3
-
SHA1
d9599f7ab78551029157596dc5bfba4087e60807
-
SHA256
17543832d4d4e72c62da6172ad6bc8feae790669748b6c80b9aba08c992657da
-
SHA512
91566a77cd39bd4ccc7b479cbe0ca3e41cc21b8960f3d114977cb02524a5e298f871f3c92d0034c700904b0c375af0be2eb41c2771618d41942ce7d4a3c759bd
-
SSDEEP
12288:q/GBy0KVFi555XKCMx36rMKI1ZnD+PUXj+MsPbDNpLnJzbxKsQ6sscgVbnJH3lYp:P56CU3Io9DDXjiNJnJ1scbnJVZGsXk
Static task
static1
Behavioral task
behavioral1
Sample
6e94f38fee814023e77c4f2f3f718fd0bdf456974fb7742c03ee17dd2054050c.exe
Resource
win7-20240221-en
Malware Config
Extracted
darkcloud
-
email_from
info@alo.com.eg
-
email_to
info@alo.com.eg
Targets
-
Target
6e94f38fee814023e77c4f2f3f718fd0bdf456974fb7742c03ee17dd2054050c.exe
-
Size
911KB
-
MD5
9530a4b5c2772de4edb6005f057c0405
-
SHA1
f544295bc15e8c1f69e9c2939acc88decfe404c8
-
SHA256
6e94f38fee814023e77c4f2f3f718fd0bdf456974fb7742c03ee17dd2054050c
-
SHA512
62d66a9cdaa81a4e651711dfa27de2dd0269a3200da8f62dd91a479bc925198caa9b4090cdf2e509832b9d226f1d33b28f5f66f6a30c7f0ad39f8f0e3f5f56ed
-
SSDEEP
12288:8SGnBbC8IABQRIVa8Tt5g0IhUSIw28Ph0S0NrlhjT2E6JbkpjPJaGbrKHaYl18/d:NEC+BVTUZX2HjTz6pmddYl10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext