Overview

overview

10

Static

static

3

f7571c90f0...59.exe

windows7-x64

10

f7571c90f0...59.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7571c90f08a7033487ee9d525200659.exe

  • Size

    1.0MB

  • Sample

    240502-lvgewaec91

  • MD5

    f7571c90f08a7033487ee9d525200659

  • SHA1

    d371e758d0d72f3ef48f4920980be242d6ab91d6

  • SHA256

    642b6fc57f3f62da2f2b15f04eaa563116e4bc4fb711f019012840a7aec89e3e

  • SHA512

    746cc5bab3b85add45a152de51d76dac0f6dccd4633c8eeb942a08adc0187eeb9e31197a47355c56221293d170b515ef36961f27ddd9cbc8d2e6b16b94abb4a0

  • SSDEEP

    12288:NCWD4xZKxMl6NlC62QXGTS5bEgaq3J94OI68+3ocabHh+Us7:9D4xZKx9NlJWTStcq3JAf+3ocuH4

Score
10/10
darkcloudstealer

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot6107929879:AAHV6JwXs7rcYzMGLe3_opR5_gdKAC16Ye4/sendMessage?chat_id=6311012313

Targets

    • Target

      f7571c90f08a7033487ee9d525200659.exe

    • Size

      1.0MB

    • MD5

      f7571c90f08a7033487ee9d525200659

    • SHA1

      d371e758d0d72f3ef48f4920980be242d6ab91d6

    • SHA256

      642b6fc57f3f62da2f2b15f04eaa563116e4bc4fb711f019012840a7aec89e3e

    • SHA512

      746cc5bab3b85add45a152de51d76dac0f6dccd4633c8eeb942a08adc0187eeb9e31197a47355c56221293d170b515ef36961f27ddd9cbc8d2e6b16b94abb4a0

    • SSDEEP

      12288:NCWD4xZKxMl6NlC62QXGTS5bEgaq3J94OI68+3ocabHh+Us7:9D4xZKx9NlJWTStcq3JAf+3ocuH4

    Score
    10/10
    darkcloudstealer

    • DarkCloud

      An information stealer written in Visual Basic.

      stealerdarkcloud

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks