darkgate

Resubmissions

04/10/2023, 14:56

231004-sa76escf4v 10

04/10/2023, 13:37

231004-qwx68sca6v 10

03/10/2023, 15:09

231003-sjsr4ace4x 10

Sharing

Copy URL

Twitter E-mail

General

Target

test.cmd
Size

246B
Sample

231003-sjsr4ace4x
MD5

2d797e5e30c2bd74dca3ff4313117abc
SHA1

a3d5b080a3b4d5f7c0eae7ce99b97f7602c3fc0b
SHA256

20fe5b613a2057a021fa54982a4853e63f18fccd1b4270afe99ed3d7a442d6e7
SHA512

aeed84d85d51b1b9a6acff0c80006f706b78a8d395d242216cc7a74c03a333d4d27c42518a4757688aada386dfac1896d5473e4fa010d47963ca4b0a33eb27d5

Score

10^/10

darkgate stealer

Malware Config

Extracted

Family

darkgate

http://onlinesalesjerek.com

http://onnlinebadroomstore.com

http://rty777casinojoker.com

http://herbolikcsoonstreedj.com

Targets

- Target
  
  test.cmd
- Size
  
  246B
- MD5
  
  2d797e5e30c2bd74dca3ff4313117abc
- SHA1
  
  a3d5b080a3b4d5f7c0eae7ce99b97f7602c3fc0b
- SHA256
  
  20fe5b613a2057a021fa54982a4853e63f18fccd1b4270afe99ed3d7a442d6e7
- SHA512
  
  aeed84d85d51b1b9a6acff0c80006f706b78a8d395d242216cc7a74c03a333d4d27c42518a4757688aada386dfac1896d5473e4fa010d47963ca4b0a33eb27d5
Score

10^/10

darkgate stealer
- DarkGate
  DarkGate is an infostealer written in C++.
  stealer darkgate
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Downloads MZ/PE file

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2