darkcloud | 5e45f400b15d22d484430e07d36c9b01eef5bc3069faa8c9fa8b1b88be93ef9a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

bank details.exe

windows7-x64

bank details.exe

windows10-2004-x64

Sharing

General

Target

bankdetails.rar
Size

792KB
Sample

250312-t3j5qswtfz
MD5

b5b76a32ee0b62aa746607e6c8c79f7e
SHA1

1c09a3113917a45c0f5ad3210f53766a0dbd5aa3
SHA256

5e45f400b15d22d484430e07d36c9b01eef5bc3069faa8c9fa8b1b88be93ef9a
SHA512

dfe574734baf1955bfad31644d0134ca29164b086c6e82f175189691810bf71898a8f557e28dcdf25e68b82c11a22e6ff156fbb3a094ca543f9788137a87eb72
SSDEEP

24576:991RRNrlo3ldFfTcLqbOMmqH5o/1L34Dqu+av:vzrlo1Hf71KdLtujv

Score

10^/10

darkcloud discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bank details.exe

Resource

win7-20240729-en

darkcloud discovery stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

bank details.exe

Resource

win10v2004-20250217-en

darkcloud discovery stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

darkcloud

Credentials

Protocol: ftp
Host:
@StrFtpServer
Port:
21
Username:
@StrFtpUser
Password:
@StrFtpPass

Targets

- Target
  
  bank details.bat
- Size
  
  893KB
- MD5
  
  f2cbbaddb0675bd99c305106ae05ca14
- SHA1
  
  a416708ffdca33fee302a7ec0503c000801a3bd8
- SHA256
  
  5b47ff1c8bb1efc83e426e6c33c217838e822424e0df06564f1ca0670170885c
- SHA512
  
  7723894d81284072bd654fae6780dd0db419341c20202952b9e5cf5720a4b5b6e818b2ffff2976baa58ae939eda0612d35409656a8d6dc74cd27fcb7f512bad3
- SSDEEP
  
  24576:n4l0MSRqgEauL0L1V2FbhfV2kzTbXlAaJuEl4+vode8:n4l0MSRqgEdLS1UrI4lHJZjgI
Score

10^/10

darkcloud discovery stealer
- DarkCloud
  An information stealer written in Visual Basic.
  stealer darkcloud
- Darkcloud family
  darkcloud
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkclouddiscoverystealer

behavioral2

darkclouddiscoverystealer

© 2018-2025

Terms | Privacy