darkgate | 522f39e48985edef7c06bcc2d56f756df0e4c97ad757d74917e9f19d5f0e3687 | Triage

Submit
Reports

Overview

overview

Static

static

1

bye.vbs

windows7-x64

8

bye.vbs

windows10-2004-x64

Sharing

General

Target

mkpub_bye.zip
Size

19KB
Sample

231003-b9frsaff3y
MD5

3effd5c6d7b56d5e7864ef623694683c
SHA1

eb8cbbaeaeb66aaecd2ed56f999761d17649e10a
SHA256

522f39e48985edef7c06bcc2d56f756df0e4c97ad757d74917e9f19d5f0e3687
SHA512

1864bfe0556d0218d7d2028b79305fd0becc58102ea292472856c782e481f089e618ec04e78c475ec2d419d7afb5176c0cf2972949f75b3fe62902fc0e004ca9
SSDEEP

384:G5TIjCvbC3TNyJK+btsV7qSaM75lnnTkhJP+MdIrX8j9X/D/h78vQ3/:MTI+vYIJK6u7nTGmMdIrX0vD/Z8Y

Score

10^/10

darkgate stealer

Static task

static1

Behavioral task

behavioral1

Sample

bye.vbs

Resource

win7-20230831-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

bye.vbs

Resource

win10v2004-20230915-en

darkgate stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

darkgate

C2

http://searcherbigdealk.com

Targets

- Target
  
  bye.vbs
- Size
  
  87KB
- MD5
  
  c203856ba9d7f9a78341114422c1e72d
- SHA1
  
  db4cd591b107d23e95f52148c42bd7bf272b7b82
- SHA256
  
  713640bdfeb056cda0283464f5e1e85dd8ff7ecfdbe436fec5e22d86a052e3ef
- SHA512
  
  1d0cd5134262b12fbed2e742e309569370d7eae16e2d8d58f55b083bcae7a108c0096b5691cc2fb061ca90e6b3226a1dd261399c5ef961c909615f49a6ae29f8
- SSDEEP
  
  1536:vDgcLZK8HLHQj2Bks7wrzeABf2v60QL4mW+0rURc:bgerwj2Bk3z7doMxW+0Ec
Score

10^/10

darkgate stealer
- DarkGate
  DarkGate is an infostealer written in C++.
  stealer darkgate
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

darkgatestealer

© 2018-2025

Terms | Privacy