Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

86c4dd6e73...2e.exe

windows7-x64

10

86c4dd6e73...2e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    86c4dd6e739bbc2538421c9379194324f8ff5e3d51a6f326e0bab752eaa07c2e.exe

  • Size

    1.2MB

  • Sample

    250311-egvxsa1vdv

  • MD5

    e9ae56e12c4caf8bfdd79f8e02032795

  • SHA1

    91a5242c822e0be9d53fdce6bb98eb2b10120554

  • SHA256

    86c4dd6e739bbc2538421c9379194324f8ff5e3d51a6f326e0bab752eaa07c2e

  • SHA512

    b754aad9eba6303f87a812f590c607336b5a4edbaa50a29bbb6b935053b6a69f656a62559be8708059b29ed12a8501a01139673f0c49bfb68a1cde8aef78eee9

  • SSDEEP

    24576:Uu6J33O0c+JY5UZ+XC0kGso6FaylqQZtc0Xc4QbtWY:uu0c++OCvkGs9FaylzZFceY

Score
10/10
darkclouddiscoverystealer

Malware Config

Extracted

Family

darkcloud

Credentials

  • Protocol:     ftp
  • Host:
    @StrFtpServer
  • Port:
    21
  • Username:
    @StrFtpUser
  • Password:
    @StrFtpPass

Targets

    • Target

      86c4dd6e739bbc2538421c9379194324f8ff5e3d51a6f326e0bab752eaa07c2e.exe

    • Size

      1.2MB

    • MD5

      e9ae56e12c4caf8bfdd79f8e02032795

    • SHA1

      91a5242c822e0be9d53fdce6bb98eb2b10120554

    • SHA256

      86c4dd6e739bbc2538421c9379194324f8ff5e3d51a6f326e0bab752eaa07c2e

    • SHA512

      b754aad9eba6303f87a812f590c607336b5a4edbaa50a29bbb6b935053b6a69f656a62559be8708059b29ed12a8501a01139673f0c49bfb68a1cde8aef78eee9

    • SSDEEP

      24576:Uu6J33O0c+JY5UZ+XC0kGso6FaylqQZtc0Xc4QbtWY:uu0c++OCvkGs9FaylzZFceY

    Score
    10/10
    darkclouddiscoverystealer

    • DarkCloud

      An information stealer written in Visual Basic.

      stealerdarkcloud

    • Darkcloud family

      darkcloud

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks