server.exe

General
Target

server.exe

Size

627KB

Sample

210429-dkr5gbkwg2

Score
10 /10
MD5

ccadb01dd1b49d0feb520c6bf7f819ef

SHA1

f0a859f869fe2c4c01541f7777be40b97fa8820d

SHA256

399b5ca1eee21d07a146800fbccb360c524171237b49b1fa415fbabd0c6b92e8

SHA512

82bbcdee9acf630fc8e1f15bafec31e2d7f6ac6f998006a4d64ea2b13c7d7a78f2fb51fa6f652ad65dab7e191fd8b17cda3b570ef0101374e1d1b0682932d77c

Malware Config
Targets
Target

server.exe

MD5

ccadb01dd1b49d0feb520c6bf7f819ef

Filesize

627KB

Score
10 /10
SHA1

f0a859f869fe2c4c01541f7777be40b97fa8820d

SHA256

399b5ca1eee21d07a146800fbccb360c524171237b49b1fa415fbabd0c6b92e8

SHA512

82bbcdee9acf630fc8e1f15bafec31e2d7f6ac6f998006a4d64ea2b13c7d7a78f2fb51fa6f652ad65dab7e191fd8b17cda3b570ef0101374e1d1b0682932d77c

Tags

Signatures

  • DarkTrack

    Description

    DarkTrack is a remote administration tool written in delphi.

    Tags

  • DarkTrack Payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup Folder Modify Registry

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    10/10

                    behavioral1

                    10/10

                    behavioral2

                    10/10