General

  • Target

    88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a

  • Size

    364KB

  • MD5

    9fbded06253db293676b1d2cbd4e29ca

  • SHA1

    64490bf0aaa24a63fe26e8cbdeda6b2bff3632b4

  • SHA256

    88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a

  • SHA512

    b5757014f52f0da61aa5187737db800529a3a0bf8ca010afeecf734815b2fb39ab52666a2e24e01a5b7f4b423688607e8c0cbef5593d485f872314041fde936a

  • SSDEEP

    6144:e8d1/w5KA81IJ8GpF6nuTmOOUUb8YzRgKDI7Ngyuf1PsJKd3+/wO92Wg:tjYKkJj6GmZUUb8Yd1SgyufJJA9

Score
10/10

Malware Config

Extracted

Family

darkcloud

Credentials

  • Protocol:
    ftp
  • Host:
    @StrFtpServer
  • Port:
    21
  • Username:
    @StrFtpUser
  • Password:
    @StrFtpPass

Signatures

  • Darkcloud family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a
    .exe windows:4 windows x86 arch:x86

    883949b2a4a909556fa4fe59aa317c9a

