Overview

overview

10

Static

static

5

0c0d782dac...6b.exe

windows7-x64

10

0c0d782dac...6b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0c0d782dac4f8afdf63e33666febfe1aea6605c1a64ae532a8b84d2d315b176b.exe

  • Size

    1.1MB

  • Sample

    240426-nzp9pafg2t

  • MD5

    982f1903db530be43b0d0fc4ce976e8e

  • SHA1

    e2a9534e65f2ae33df71b136cfef600eab4f3627

  • SHA256

    0c0d782dac4f8afdf63e33666febfe1aea6605c1a64ae532a8b84d2d315b176b

  • SHA512

    80d5a9a05b5079dc99f48ac2497dfa5ef08fb37204d5b6811f5ad3806950d43ddfecea13713e9624ef00473f75c94a661b48b27363461a532bcb237a6afbbd2b

  • SSDEEP

    24576:DAHnh+eWsN3skA4RV1Hom2KXMmHaoPOpKOWz6zBvxwiruLgP5:Oh+ZkldoPK8YaompKFz6lJw4uA

Score
10/10
darkcloudstealer

Malware Config

Extracted

Family

darkcloud

Attributes
  • email_from

    igor.bos@vinoterra.ru

  • email_to

    office.tony39@mail.ru

Targets

    • Target

      0c0d782dac4f8afdf63e33666febfe1aea6605c1a64ae532a8b84d2d315b176b.exe

    • Size

      1.1MB

    • MD5

      982f1903db530be43b0d0fc4ce976e8e

    • SHA1

      e2a9534e65f2ae33df71b136cfef600eab4f3627

    • SHA256

      0c0d782dac4f8afdf63e33666febfe1aea6605c1a64ae532a8b84d2d315b176b

    • SHA512

      80d5a9a05b5079dc99f48ac2497dfa5ef08fb37204d5b6811f5ad3806950d43ddfecea13713e9624ef00473f75c94a661b48b27363461a532bcb237a6afbbd2b

    • SSDEEP

      24576:DAHnh+eWsN3skA4RV1Hom2KXMmHaoPOpKOWz6zBvxwiruLgP5:Oh+ZkldoPK8YaompKFz6lJw4uA

    Score
    10/10
    darkcloudstealer

    • DarkCloud

      An information stealer written in Visual Basic.

      stealerdarkcloud

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks