Eye of the Storm: Analyzing DarkCloud's Latest Capabilities

Published 29/09/2025 09:34 · Modified 30/09/2025 09:08

Essential information

Tags
2025-09-29, crypto-wallet targeting, darkcloud, evasion techniques, exfiltration, information stealer, spear-phishing, vb6
Related entities
13 techniques (mitre), 1 malware, 1 others

Description

eSentire's Threat Response Unit detected a campaign targeting a manufacturing customer that attempted to deliver the DarkCloud information-stealing malware. The malware, distributed through a malicious zip archive, has undergone significant updates, including a rewrite and enhanced . DarkCloud targets various data types, including browser credentials, keystrokes, FTP credentials, and cryptocurrency wallets. It employs sophisticated evasion methods to avoid detection by sandboxes and security researchers, and supports multiple exfiltration methods, including SMTP, Telegram, FTP, and Web Panel. The report provides a detailed technical analysis of DarkCloud's functionality, distribution methods, and .

External references