Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

52ae063969...09.exe

windows7-x64

3

52ae063969...09.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    52ae063969118de1c844aad047e594b5c2d1531401a81add6f1c64fd9df2d609.exe

  • Size

    947KB

  • Sample

    250311-dpx7fazsg1

  • MD5

    ebe7ce63ef720ba6efd6966374914b2d

  • SHA1

    bb3fba76397f63fa119d8bb9e0d974aa940122c6

  • SHA256

    52ae063969118de1c844aad047e594b5c2d1531401a81add6f1c64fd9df2d609

  • SHA512

    3c325cbe4a66e28172c0a2f2ce39a6beeacfc991798df1e417e91f2191ce87502cf1a0f6536115f861b09e947b24b694d8770f2dfdd4ebbe910dc20f17778a8a

  • SSDEEP

    12288:L9JEvSeBzZ06jy5znuPvgAHFw5ITU+8UyPLcWI52KchMZKxA:ZcSeBzZ06+NuHgPIV2Kc3A

Score
10/10
darkclouddiscoverystealer

Malware Config

Extracted

Family

darkcloud

Attributes

Targets

    • Target

      52ae063969118de1c844aad047e594b5c2d1531401a81add6f1c64fd9df2d609.exe

    • Size

      947KB

    • MD5

      ebe7ce63ef720ba6efd6966374914b2d

    • SHA1

      bb3fba76397f63fa119d8bb9e0d974aa940122c6

    • SHA256

      52ae063969118de1c844aad047e594b5c2d1531401a81add6f1c64fd9df2d609

    • SHA512

      3c325cbe4a66e28172c0a2f2ce39a6beeacfc991798df1e417e91f2191ce87502cf1a0f6536115f861b09e947b24b694d8770f2dfdd4ebbe910dc20f17778a8a

    • SSDEEP

      12288:L9JEvSeBzZ06jy5znuPvgAHFw5ITU+8UyPLcWI52KchMZKxA:ZcSeBzZ06+NuHgPIV2Kc3A

    Score
    10/10
    discoverydarkcloudstealer

    • DarkCloud

      An information stealer written in Visual Basic.

      stealerdarkcloud

    • Darkcloud family

      darkcloud

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks