General

  • Target

    f8af90c9ff0349205e404367d57ae1f99c043d7262f8effaed819c11e50d02a6

  • Size

    866KB

  • Sample

    240417-r5elxseb5s

  • MD5

    13e5f5df7d47c77b2925a0627b687bf5

  • SHA1

    4897fcb20735a517affc3ab01554a14f6d746e16

  • SHA256

    f8af90c9ff0349205e404367d57ae1f99c043d7262f8effaed819c11e50d02a6

  • SHA512

    e0f0781fdd019e9e7a29ca282a4cf10dfd1d2e45de287658b21c9a3110888bca8e3d8e481177d02f91c30ed7df1e88d38ca00f7a9dabaace660261476dff24d9

  • SSDEEP

    24576:+m2caJNrKFpVKwgYiejGf37LI4FlNrzM4zCH:32cON2jowJAI4FxS

Score
10/10

Malware Config

Extracted

Family

darkcloud

Attributes
  • email_from

    abybay.com_rw1x6mkwaai@abybay.com

  • email_to

    willrobert8383@yandex.com

Targets

    • Target

      9d72ce2b96230793c01a4628b5f8aaea6b0d7021c0806b23cf5c2747dd9a232f.exe

    • Size

      942KB

    • MD5

      1d35f5b9450b5481ae0e303da85b3cca

    • SHA1

      3da2dae00338c3312778df4c35ace6121d62eade

    • SHA256

      9d72ce2b96230793c01a4628b5f8aaea6b0d7021c0806b23cf5c2747dd9a232f

    • SHA512

      ca15112432e80d00be1874847725f15fc3dbbf82cd74de0f9ccd65cd9441c1c7344bd76e901a12f35243b6beb6519d47dc3643b08a75fa1c073fc416318f6854

    • SSDEEP

      24576:VmPgjjN179c11+Sb0L2HFZriiuEkwPQd2B04s/:35rI1+SALUXeif7PQdx4s/

    Score
    10/10
    • DarkCloud

      An information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
