b1241b69116ad07db69b3bcb9579af18e0ba13c2b663584e2047ecc39c66ed0e | Triage

Resubmissions

19-08-2023 04:49

230819-ffsxgaga73 3

19-08-2023 04:47

230819-fek58sga46 3

19-08-2023 04:35

230819-e7wa8shd8y 5

19-08-2023 04:30

230819-e41fsahd8s 5

19-08-2023 04:27

230819-e3a5haga32 5

19-08-2023 04:24

230819-e1wy7ahd7t 5

16-08-2023 13:07

230816-qcxflacg8x 5

Sharing

General

Target

DarkGateLoader.rar
Size

10.2MB
Sample

230819-e7wa8shd8y
MD5

c5afd22ea358caddebf4dbc138b16d72
SHA1

771d887e0ffe4ca513d4e0041efc682469e252f8
SHA256

b1241b69116ad07db69b3bcb9579af18e0ba13c2b663584e2047ecc39c66ed0e
SHA512

b8b0e9cdae42de74b59ae72d3e7ebe063c76bae4ef39ae20d994b1d83811858219845286125cd76495f145e71665cd2ca807e36b909ddce46b1057819fce657a
SSDEEP

196608:zZKfyEeF09HoTL27kYtRjruCyeD+QoRwH9tQOzxhN7qvu:zZZ7K9HQL23t5lyDQoR0oG

Score

5^/10

Malware Config

Targets

- Target
  
  DarkGateLoader.exe
- Size
  
  24.5MB
- MD5
  
  90262f95bf3a705ab9d23cde1f415655
- SHA1
  
  dc9f7383403df475173be606de1c4c61836dba73
- SHA256
  
  44d678f7cae23769cf2b9d59cb114b990c18d8a106de41526e4f9685d5331048
- SHA512
  
  3e6e23b8154ecaaaca27da5f73d5135b507621d7aeaad14deb5ded92bc61ba694760c1340e0264e44ebbe94a479738cd9ccf664415a94f8263234fdd289bcc45
- SSDEEP
  
  196608:73esNoeoCxZ1Ev7L0dtbqvLSOJJ4VvL2iSY/VCMzEqcVqeCqe:73esNoeoCYL0dtmj7JJJWCMzE5TC
Score

5^/10
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1