General
Target: 5ec655a308e7c2dce76053b973c4777e261ce215a17e199870b5662250b6bde6.exe
Size: 1.2MB
Sample: 250311-dxv22syqw7
MD5: a77f98389fc9db96f0e05c51a4810877
SHA1: a0203ecaea3cef231365f09eda26bcb3514fe8eb
SHA256: 5ec655a308e7c2dce76053b973c4777e261ce215a17e199870b5662250b6bde6
SHA512: abc7c6bed24ac29bded04d3932d8f8f62c41b0554a061bbe0a4794f4376677be85ab43b2d19791f61ec10d66b5618e6c786c548204225280d5adf52568d063aa
SSDEEP: 24576:iu6J33O0c+JY5UZ+XC0kGso6FaNggG4L/vAfDWY:Eu0c++OCvkGs9FaNggJ/vdY
Static task: static1
Behavioral task: behavioral1
Sample: 5ec655a308e7c2dce76053b973c4777e261ce215a17e199870b5662250b6bde6.exe
Resource: win7-20241023-en
Malware Config
Extracted
darkcloud
Protocol: ftp
Host: @StrFtpServer
Port: 21
Username: @StrFtpUser
Password: @StrFtpPass
Targets
Target: 5ec655a308e7c2dce76053b973c4777e261ce215a17e199870b5662250b6bde6.exe
Darkcloud family
AutoIT Executable: AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext