darkcloud | 0968b8105a936a18e61bdfbeb022c5baae9d9af67070dd26747e93eff64f5b2b | Triage

Submit
Reports

Overview

overview

Static

static

3

ЗАПИТ...Т.exe

windows7-x64

ЗАПИТ...Т.exe

windows10-2004-x64

Sharing

General

Target

ЗАПИТВАНЕ ЗА ПРОДУКТ.exe
Size

2.4MB
Sample

240508-jdxpeshd81
MD5

69182c28695e5f9bfb3bcd99ab0afea5
SHA1

c1d64ed49a2d3adf4d89a53444afc88c0c405534
SHA256

0968b8105a936a18e61bdfbeb022c5baae9d9af67070dd26747e93eff64f5b2b
SHA512

35baf9f36a744c1045d7acec6d3f9a902031d42f19d3628f5eca19abb4152af06452645bd001f4d1059819aa84eddeef59cdec223e3263dcf786ca41079335ac
SSDEEP

24576:1B5dUhI4kKqFas04BSWQ+ChB4ejpyenYWcoEGpTBNf01W7cqSOOd/:1veqKqFasLf/+pbxLpTffH7UO+

Score

10^/10

darkcloud stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ЗАПИТВАНЕ ЗА ПРОДУКТ.exe

Resource

win7-20240221-en

darkcloud stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

ЗАПИТВАНЕ ЗА ПРОДУКТ.exe

Resource

win10v2004-20240419-en

darkcloud stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot6800672014:AAFjIhthNxpYeDLxh4u9CJvqMfisOhMGH6M/sendMessage?chat_id=6542615755

Targets

- Target
  
  ЗАПИТВАНЕ ЗА ПРОДУКТ.exe
- Size
  
  2.4MB
- MD5
  
  69182c28695e5f9bfb3bcd99ab0afea5
- SHA1
  
  c1d64ed49a2d3adf4d89a53444afc88c0c405534
- SHA256
  
  0968b8105a936a18e61bdfbeb022c5baae9d9af67070dd26747e93eff64f5b2b
- SHA512
  
  35baf9f36a744c1045d7acec6d3f9a902031d42f19d3628f5eca19abb4152af06452645bd001f4d1059819aa84eddeef59cdec223e3263dcf786ca41079335ac
- SSDEEP
  
  24576:1B5dUhI4kKqFas04BSWQ+ChB4ejpyenYWcoEGpTBNf01W7cqSOOd/:1veqKqFasLf/+pbxLpTffH7UO+
Score

10^/10

darkcloud stealer
- DarkCloud
  An information stealer written in Visual Basic.
  stealer darkcloud
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

darkcloudstealer

behavioral2

darkcloudstealer

© 2018-2024

Terms | Privacy