General
Target: cb2d711304377c0cf637d497ffea41f9ed0b31a907be15df53f369b7a6974327.exe
Size: 1.3MB
Sample: 250311-fj2zjsslt7
MD5: 57e9a6b2f9b226c04d6e5843da5dfcd2
SHA1: 0b051574e6bdf3810a30a2c239f0c3b44ee63e6e
SHA256: cb2d711304377c0cf637d497ffea41f9ed0b31a907be15df53f369b7a6974327
SHA512: 65272f661c733ea423fc895d3f1a37d4476dccde506de1411267f4ac8ffcf1c001b5a1cf906d109369de055724cc82b9d6f08efc7716558ea7c7dde3ce64b8ce
SSDEEP: 24576:0u6J33O0c+JY5UZ+XC0kGso6FaWYysVPDWKH4scs3WY:Ou0c++OCvkGs9FafPDWKYlvY
Static task: static1
Behavioral task: behavioral1
Sample: cb2d711304377c0cf637d497ffea41f9ed0b31a907be15df53f369b7a6974327.exe
Resource: win7-20240903-en
Malware Config
Extracted
darkcloud
Protocol: ftp
Host: ftp.dorasanat.com.tr
Port: 21
Username: [email protected]
Password: K0BRhY6s,&aN
Targets
Target: cb2d711304377c0cf637d497ffea41f9ed0b31a907be15df53f369b7a6974327.exe
- Darkcloud family
- Suspicious use of SetThreadContext