General
Target: MODELO 347.exe
Size: 1.0MB
Sample: 250304-mav8zaymx8
MD5: d64c13ac169fe8be6acbb9243cb256b3
SHA1: 309f791e294a9ad6c2d394bdb61c78f00aadb7da
SHA256: 79f7e76ba3a8780a2dd46d78aac07f2235f457ee2771ef4556b85c12f2be0061
SHA512: 8f0ece37892c17362ba3e2a8dd74b288adb00066d09e2c41cf3a3bc3f5d6dc4f937f30f5655a4cd73f18809b03564ae373cea62fbb5fd57e904e1fdd81b3aeed
SSDEEP: 12288:GRlpmCARYJKALOPijwRcgUKtpQZFWu7rS+eKVVN+FKZFPOZOlxNsxoFOmCVkk+Ah:GVemMMfrVvKlrC4uC7elQ
Static task: static1
Behavioral task: behavioral1
Sample: MODELO 347.exe
Resource: win7-20241023-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot8171626722:AAGIo9PvRpFrmWwamfv0SMURLy1PCYFG9a8/sendMessage?chat_id=6542615755
Targets
Target: MODELO 347.exe
-
Darkcloud family
-
Suspicious use of SetThreadContext
-