General

  • Target

    22dd03c4fdc4528c46861ee474ceedf7cecd3711e5d0768cd67320283aa6cc2c

  • Size

    828KB

  • Sample

    240417-r5bj9seb4y

  • MD5

    78926582ef0f41ba4b4590d4af0e4b0a

  • SHA1

    608f8dcfcd9cd5508ce4dd43831d82ca3a65f7ba

  • SHA256

    22dd03c4fdc4528c46861ee474ceedf7cecd3711e5d0768cd67320283aa6cc2c

  • SHA512

    6416f6d97f0854583e0b73ba01f9c73e7c874fc4a59325149c14013588211375b32f6098ad246b5ba287083faaaed986350f945d9eba036a2145b9bd458b496c

  • SSDEEP

    12288:MKDktNiBWNUsyiXT84Eu8t6cE0m/hujcCserslXdk2MLQK8IXhJbfYYCq4q5GJ:M6kCBAUsBw4Em8QxeIlXifT88XT4VJ

Score
10/10

Malware Config

Extracted

Family

darkcloud

Attributes
  • email_from

    abybay.com_rw1x6mkwaai@abybay.com

  • email_to

    willrobert8383@yandex.com

Targets

    • Target

      8e436dc374b71fcb5168d9bba73804267770466a94f4ac20785009c8799bc803.exe

    • Size

      851KB

    • MD5

      5214925401a3a4308de915683c2ad217

    • SHA1

      ff4e722708bc2f25cc17908091aad7645c446076

    • SHA256

      8e436dc374b71fcb5168d9bba73804267770466a94f4ac20785009c8799bc803

    • SHA512

      73d6bb43304a76798b7c422dbaad0be5f6cd49ac25b4cabf9a8be461855ffa9b292aa57a78b75d9a6fcabd8a7197aafcb6188a1cf47236042bfbf04645ac0975

    • SSDEEP

      24576:Uc/MERbgWhZnE5evnYrPJBoz8vxnt/qjC/ypAosmF43YMS4gvu:Uc/T/7E5egrj5F52CSA0aYHR

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
