darkcloud | 7b7007b4d9e6c32d895875c554ac0b4d58ac194f83b853770b9385d2818669bc | Triage

Sharing

General

Target

7b7007b4d9e6c32d895875c554ac0b4d58ac194f83b853770b9385d2818669bc.exe
Size

370KB
Sample

240508-jfbjzahe7s
MD5

0b607416e6541a823d501b7853ed8926
SHA1

ffa49602afe8bb0f5da39fe12d1d86b36bb84d7a
SHA256

7b7007b4d9e6c32d895875c554ac0b4d58ac194f83b853770b9385d2818669bc
SHA512

c9dd85251d499dc122853d8c3fe787e708e3f2cecb9e6e41e8b84cb6df8841a001f3628f83ea395e30fd71c8b7fa2e7edf54faf7aadf8e6696af84c78e122666
SSDEEP

6144:JLnESs/NWtzAME3nW1FKAtYKdTj7y1ZrkniErc8d1/w5KA81IJ8GpF6nuTmOOU:pnE/NSAME3nW1FhtYiv7yXYZDjYKkJjx

Score

10^/10

darkcloud stealer

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot7148308455:AAGrdlRzhjt8mx31-dFYXt4kvhbFnphSlSg/sendMessage?chat_id=6542615755

Targets

- Target
  
  7b7007b4d9e6c32d895875c554ac0b4d58ac194f83b853770b9385d2818669bc.exe
- Size
  
  370KB
- MD5
  
  0b607416e6541a823d501b7853ed8926
- SHA1
  
  ffa49602afe8bb0f5da39fe12d1d86b36bb84d7a
- SHA256
  
  7b7007b4d9e6c32d895875c554ac0b4d58ac194f83b853770b9385d2818669bc
- SHA512
  
  c9dd85251d499dc122853d8c3fe787e708e3f2cecb9e6e41e8b84cb6df8841a001f3628f83ea395e30fd71c8b7fa2e7edf54faf7aadf8e6696af84c78e122666
- SSDEEP
  
  6144:JLnESs/NWtzAME3nW1FKAtYKdTj7y1ZrkniErc8d1/w5KA81IJ8GpF6nuTmOOU:pnE/NSAME3nW1FhtYiv7yXYZDjYKkJjx
Score

10^/10

darkcloud stealer
- DarkCloud
  An information stealer written in Visual Basic.
  stealer darkcloud
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

darkcloudstealer

behavioral2

darkcloudstealer