Overview

overview

10

Static

static

10

DarkTrack+...px.exe

windows10-2004-x64

7

DarkTrack+...ta.exe

windows10-2004-x64

1

DarkTrack+...er.exe

windows10-2004-x64

1

DarkTrack+...eg.exe

windows10-2004-x64

1

DarkTrack+...e3.dll

windows10-2004-x64

7

out.dll

windows10-2004-x64

3

DarkTrack+...e3.dll

windows10-2004-x64

3

DarkTrack+...er.dll

windows10-2004-x64

7

out.dll

windows10-2004-x64

3

DarkTrack+...ub.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DarkTrack+Alien+4.1 Legit Copy.rar

  • Size

    15.0MB

  • Sample

    230407-pp2qeahb36

  • MD5

    c78d6a161e2a466504e41fd9fa1e74d9

  • SHA1

    a2af9b7f5475778db98137fa321ac9f7aee20006

  • SHA256

    d2f024ad19b8ada353f6459d3ac54529b045d4fadab880fcaa0813f4bfd617bc

  • SHA512

    7fd3406cecfde7c9c5ab923b6fd160d13090e9daaa3bad1f81511b8a7c55645ed9d321de46b270eb3fb400680540175f71a53e722896d7bdf3493bf2ffe6ebb5

  • SSDEEP

    196608:nt/c82nIXAVWh2dRGHFvYB40OQOqOiVvCl1Deq14Gqb/A4/QDp8ixMjPgOnkKH1i:nTKIc2hlvE4wuiVvCDeq9P4ILler0

Score
10/10
darktrackaspackv2ratstealerupx

Malware Config

Targets

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Compressors/upx.exe

    • Size

      283KB

    • MD5

      308f709a8f01371a6dd088a793e65a5f

    • SHA1

      a07c073d807ab0119b090821ee29edaae481e530

    • SHA256

      c0f9faffdf14ab2c853880457be19a237b10f8986755f184ecfe21670076cb35

    • SHA512

      c107f1af768d533d02fb82ae2ed5c126c63b53b11a2e5a5bbf45e396cb7796ca4e7984ce969b487ad38d817f4d4366e7953fb555b279aa019ffb5d1bbba57e28

    • SSDEEP

      6144:EBgzKMDrn1MUQ8Kr4eNyJf2EycBqABfpV6xSyQy9CZ07Yf+1+ujToS:v5rn6JfXCjUafpVeDQyUXfW+u/oS

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Darktrack 4.1 Beta.exe

    • Size

      2.9MB

    • MD5

      92c0d76303d0d2ea83a35c03d6b28a15

    • SHA1

      60d3d9e16b202cf8d3a9c2dca9a843f5da65bcb8

    • SHA256

      90e4c9da7a502d71c88b0d8e58a5f4f884de9d6d5c73b753923568784f0302fd

    • SHA512

      1d8b67f16d93f839806aaa979297f31ede91df314211f8fe51e1c562164ebdacd14d73e2ece13ea4adf1f69d6a58cf0e266eae0c4ce710f040c9fdc137c372c4

    • SSDEEP

      49152:6HOK7MnMFtPSudmESq3Qiv+5cTTTTvYlVTYp/tWLRs0uNc9vCrdzVMGQ:6HOAaMnq6+q3SATTzGypMLoAv+VMGQ

    Score
    1/10
    behavioral2

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Mescaline File Binder/Mescaline Multi File Binder.exe

    • Size

      878KB

    • MD5

      4580bc445dfad7d046e7440b1c179c33

    • SHA1

      3c48788e35c4113ddc289747a699ec4691a37ba0

    • SHA256

      80eb6c0204241543f26412c21af9b8d9bc89c20dc24f2d2efff4d674c9e6f350

    • SHA512

      6c57117728986d89f59d404e169824dfe16047ddf8727da0c47e21062b60771b96401d23b667df0120b710b7679f6dd6e2b1215a96c02d93497769b18f88afad

    • SSDEEP

      12288:+sDZtFKbuUoy5LCiE0XNIWP2xo7/nZ9kkeeENH2:1FKKDICiPXNBP1nEeK2

    Score
    1/10
    behavioral3

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Modules/ffmpeg.exe

    • Size

      29.4MB

    • MD5

      f25eef8a89531e8a78340b2a682d6047

    • SHA1

      a3d495987c8fad02b828475020904aedfd2c92ca

    • SHA256

      1abee4a7dbe8f624290054c14ef7b58db19e93df976c2adb8ff4bd20974c3a78

    • SHA512

      28f0f857299655be4e5badd4f044156935f0f60256127e6e8bf1341728d895ec619e8ebb543e1b971e1046f1308242aa9105365bd0a5a1eba432c3c4cf21a115

    • SSDEEP

      393216:eUubj/bPa0l4tk5vDJS81QhKloaXu1xsBsmpe+k:ej/O0l4y1r+Xo

    Score
    1/10
    behavioral4

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/Plugins/sqlite3.dll

    • Size

      171KB

    • MD5

      744dcc4cbbfbb18fe3878c4e769ec48f

    • SHA1

      c1f2c56ee2d91203a01d3465f185295477a1217d

    • SHA256

      33eb31a2a576e663474a895ff0190316c64a93d9ce05a55df0d53f9beeb61163

    • SHA512

      706630be2ca09e574a7794e32e515a0a3f993643d034647b8cb976c1e7045e87e30362757cc65fcdb95f4a4327f0dcda3edc82ba84e5ed9115870a037e13af21

    • SSDEEP

      3072:4yOtgCNPbAHuzueAlwsKmiiEHpmBt7tjBwHH1ELXvSsmB8teUOhKJz4ZKJNCT1xe:FOtRsOz2xKmGH8JBwn+2smB1Uf8Kurb

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral5

    • Target

      out.upx

    • Size

      336KB

    • MD5

      43ed6f508ba523e0a3b9224392755ea7

    • SHA1

      8b1e0ec29ab3759d1cec9a01ab4a323e4238684e

    • SHA256

      717118ffe9060081710cd6333549504004c9515df743f696b3c63eb7b2065407

    • SHA512

      cc6b6f112217b466c9c746f7647b833cc62ebe3e0aa2f03439e361fac9964b065c216ada2e4ac19ff5404eb6e663239dbad90b9dee94cd4c173c2667ff522fda

    • SSDEEP

      6144:rICvMnOTvcfgA0qBlJ89Ojo33C1oVDtY4sG2/WctyzuYf0oRCL23/:zvMnAA9BleOjoH4Ktm+jbFL3/

    Score
    3/10
    behavioral6

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/sqlite3.dll

    • Size

      245KB

    • MD5

      a2eba4b5199074dbe91fae77e1050d8a

    • SHA1

      f144c5e64068eaa923d9244c134681e418148077

    • SHA256

      629fd65a87d6d08503e45348ecc7c337f4921f35e47356e8fab6f3007039c280

    • SHA512

      917032c8ee533c46876ae43b6dd7a85f03293eda67c1710685bb07fbe12d2300742f53c024d81905b199061453950a5238856cf498b97cc83314debb35ac1a40

    • SSDEEP

      6144:t6n+TCgWV8ZC0YeCiR6HKJzgv1/DiF4nqinO:w+T7oMYeCiR6HKJ8No

    Score
    3/10
    behavioral7

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/sqlite3Reader.dll

    • Size

      171KB

    • MD5

      744dcc4cbbfbb18fe3878c4e769ec48f

    • SHA1

      c1f2c56ee2d91203a01d3465f185295477a1217d

    • SHA256

      33eb31a2a576e663474a895ff0190316c64a93d9ce05a55df0d53f9beeb61163

    • SHA512

      706630be2ca09e574a7794e32e515a0a3f993643d034647b8cb976c1e7045e87e30362757cc65fcdb95f4a4327f0dcda3edc82ba84e5ed9115870a037e13af21

    • SSDEEP

      3072:4yOtgCNPbAHuzueAlwsKmiiEHpmBt7tjBwHH1ELXvSsmB8teUOhKJz4ZKJNCT1xe:FOtRsOz2xKmGH8JBwn+2smB1Uf8Kurb

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral8

    • Target

      out.upx

    • Size

      336KB

    • MD5

      43ed6f508ba523e0a3b9224392755ea7

    • SHA1

      8b1e0ec29ab3759d1cec9a01ab4a323e4238684e

    • SHA256

      717118ffe9060081710cd6333549504004c9515df743f696b3c63eb7b2065407

    • SHA512

      cc6b6f112217b466c9c746f7647b833cc62ebe3e0aa2f03439e361fac9964b065c216ada2e4ac19ff5404eb6e663239dbad90b9dee94cd4c173c2667ff522fda

    • SSDEEP

      6144:rICvMnOTvcfgA0qBlJ89Ojo33C1oVDtY4sG2/WctyzuYf0oRCL23/:zvMnAA9BleOjoH4Ktm+jbFL3/

    Score
    3/10
    behavioral9

    • Target

      DarkTrack+Alien+4.1/DarkTrack Alien 4.1/stub/stub.exe

    • Size

      627KB

    • MD5

      edc9c0a3eaaf592dba89ec3735ef022b

    • SHA1

      4c1196733e6bafa0b7d3e078896d0937111a9440

    • SHA256

      98fb43736370f72edda152a0c6e5edeab4ffcd9e1c5b4da932b63e0b786c4161

    • SHA512

      4f1bbaff8d4a046cbde6dc82ff4c0b2adcb7604417b0498cc234f7aa1d28fe73545d69605ae64ab51404687ea5b4bbe88f037a867f1171cfcfd18f5e511752ef

    • SSDEEP

      12288:BOqvQomCg4G6q90tmPvj+GU/ttJuqwh3EQiXRUVZs4ixsiNhkApRaw:9oovgbAKvBgtJuqwh3EQihUb1ifNh

    Score
    10/10
    darktrackratstealer

    • DarkTrack

      DarkTrack is a remote administration tool written in delphi.

      ratstealerdarktrack

    • DarkTrack payload

    behavioral10

MITRE ATT&CK Matrix

Tasks