darkcloud | 5946bbf5dc0be29cccdd0e66b13d17cf776fc785c9b8d67b06cbb56c85bd5577 | Triage

Sharing

General

Target

5946bbf5dc0be29cccdd0e66b13d17cf776fc785c9b8d67b06cbb56c85bd5577.exe
Size

370KB
Sample

240509-l33cbaeh62
MD5

1c33d6d36c82b089cadab786f557f635
SHA1

900fb77fc9a15a0ad823c0dee55754d58869f636
SHA256

5946bbf5dc0be29cccdd0e66b13d17cf776fc785c9b8d67b06cbb56c85bd5577
SHA512

caa98b053a25a7910273cc4792d0e470b7dad927f267c6f182158c946999292e908cf3a5102cb76d05f66a59ecfb727198052e271a144eec60dced37ca8d7d86
SSDEEP

6144:aLnESs/NWtzAME3nW1FKAtYKdTj7y1ZrkniErc8d1/w5KA81IJ8GpF6nuTmOOU:anE/NSAME3nW1FhtYiv7yXYZDjYKkJjx

Score

10^/10

darkcloud stealer

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot7148308455:AAGrdlRzhjt8mx31-dFYXt4kvhbFnphSlSg/sendMessage?chat_id=6542615755

Targets

- Target
  
  5946bbf5dc0be29cccdd0e66b13d17cf776fc785c9b8d67b06cbb56c85bd5577.exe
- Size
  
  370KB
- MD5
  
  1c33d6d36c82b089cadab786f557f635
- SHA1
  
  900fb77fc9a15a0ad823c0dee55754d58869f636
- SHA256
  
  5946bbf5dc0be29cccdd0e66b13d17cf776fc785c9b8d67b06cbb56c85bd5577
- SHA512
  
  caa98b053a25a7910273cc4792d0e470b7dad927f267c6f182158c946999292e908cf3a5102cb76d05f66a59ecfb727198052e271a144eec60dced37ca8d7d86
- SSDEEP
  
  6144:aLnESs/NWtzAME3nW1FKAtYKdTj7y1ZrkniErc8d1/w5KA81IJ8GpF6nuTmOOU:anE/NSAME3nW1FhtYiv7yXYZDjYKkJjx
Score

10^/10

darkcloud stealer
- DarkCloud
  An information stealer written in Visual Basic.
  stealer darkcloud
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

darkcloudstealer

behavioral2

darkcloudstealer