General
Target: invoice.exe
Size: 1.2MB
Sample: 250304-jzhsdsvvbv
MD5: 11dcf616c9ba676358f45f9dad9dd76d
SHA1: 72aca8573cf6a671c7b00afe478e48334fc56b58
SHA256: de61aeb6ede1d93a6391fd889f0864cb7ad312c3a759db83d7f01d4363c566bd
SHA512: 6894b9708e3efbaf472edcf223944181ac5e2708603d2525c9f762b50569c0c22d3af1c242e073d5a52e341370c18434ac0ad88ab66b8de6f0573328eaea19b1
SSDEEP: 24576:Uu6J33O0c+JY5UZ+XC0kGso6Fawg8osTmX61lYkq88vJBhBL1PVZ5WY:uu0c++OCvkGs9Faw4TX61lYkPIVp1dCY
Static task: static1
Behavioral task: behavioral1
Sample: invoice.exe
Resource: win7-20250207-en
Malware Config
Extracted
darkcloud
Protocol: ftp
Host: @StrFtpServer
Port: 21
Username: @StrFtpUser
Password: @StrFtpPass
Targets
Target: invoice.exe
Darkcloud family
Suspicious use of SetThreadContext