General

  • Target

    Bank Statement094.exe

  • Size

    480KB

  • Sample

    241002-lgjcbasglf

  • MD5

    adbc7e37cd351baceff2717be4a69691

  • SHA1

    5ec172db78d7408eddaabaec82575e9f27beba92

  • SHA256

    aa839ca2fa495b13ce46a0a8adca8da6601d55f1efc4e11995274c57fb2024dd

  • SHA512

    0bfe37ad283eb2596f9a95aa214e8b8d0beedc5b267216466d8dd92ba48d14f44f941cd12fab7fd8bb3f8928c60a3ef23e793453a84e08e2fffec63710c36b10

  • SSDEEP

    12288:gCQ1GLlOZsCqt7iXbjiXVgyiUNqy3k8ZEy8StUVjYKkJj6GmZU:ZwZE7fJNqIeStUdYb6nZ

Malware Config

Extracted

Family

darkcloud

Attributes

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks