Overview

overview

10

Static

static

3

Teklif 232...--.exe

windows7-x64

10

Teklif 232...--.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Teklif 2321-Tecnicas del Cable, S.A-TURKEY---.exe

  • Size

    932KB

  • Sample

    240710-gnk29ssenh

  • MD5

    883cf4255f882fe37f4920efede0c744

  • SHA1

    3bf30fb4585f86f79f97fe54fb94d1cee10bd9ef

  • SHA256

    5e7b9b88f18be7d07963c53f18b3bf473f5e05ff30817c10538214292ae846f7

  • SHA512

    49dc64a6e572f48b42cb83373521a7ec9f0e3f04c2d3262d8e5f3db63217705b4219df219392b223f643039546a011ed006cebeae1eef199f1a127e82f8d5588

  • SSDEEP

    24576:+2SWGLZmVcYR7YJ+5JfGA97nkp8V5j47wnJg:+2RXVcYdYaf7tCEiEnJg

Score
10/10
darkcloudstealer

Malware Config

Extracted

Family

darkcloud

C2

https://api.telegram.org/bot6843160964:AAF3CXe6SpPYlr6PSxsfXFuMMbuXMIkkNtE/sendMessage?chat_id=5302361040

Targets

    • Target

      Teklif 2321-Tecnicas del Cable, S.A-TURKEY---.exe

    • Size

      932KB

    • MD5

      883cf4255f882fe37f4920efede0c744

    • SHA1

      3bf30fb4585f86f79f97fe54fb94d1cee10bd9ef

    • SHA256

      5e7b9b88f18be7d07963c53f18b3bf473f5e05ff30817c10538214292ae846f7

    • SHA512

      49dc64a6e572f48b42cb83373521a7ec9f0e3f04c2d3262d8e5f3db63217705b4219df219392b223f643039546a011ed006cebeae1eef199f1a127e82f8d5588

    • SSDEEP

      24576:+2SWGLZmVcYR7YJ+5JfGA97nkp8V5j47wnJg:+2RXVcYdYaf7tCEiEnJg

    Score
    10/10
    darkcloudstealer

    • DarkCloud

      An information stealer written in Visual Basic.

      stealerdarkcloud

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks