General
-
Target
test.cmd
-
Size
246B
-
Sample
231004-sa76escf4v
-
MD5
2d797e5e30c2bd74dca3ff4313117abc
-
SHA1
a3d5b080a3b4d5f7c0eae7ce99b97f7602c3fc0b
-
SHA256
20fe5b613a2057a021fa54982a4853e63f18fccd1b4270afe99ed3d7a442d6e7
-
SHA512
aeed84d85d51b1b9a6acff0c80006f706b78a8d395d242216cc7a74c03a333d4d27c42518a4757688aada386dfac1896d5473e4fa010d47963ca4b0a33eb27d5
Static task
static1
Behavioral task
behavioral1
Sample
test.cmd
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
test.cmd
Resource
win10v2004-20230915-en
Malware Config
Extracted
darkgate
usr_871663321
http://onlinesalesjerek.com
http://onnlinebadroomstore.com
http://rty777casinojoker.com
http://herbolikcsoonstreedj.com
-
alternative_c2_port
443
-
anti_analysis
true
-
anti_debug
true
-
anti_vm
true
-
c2_port
2351
-
check_disk
true
-
check_ram
true
-
check_xeon
true
-
crypter_au3
true
-
crypter_dll
false
-
crypter_rawstub
false
-
crypto_key
vDTMGxhyWeiCzX
-
internal_mutex
txtMut
-
minimum_disk
40
-
minimum_ram
4096
-
ping_interval
4
-
rootkit
true
-
startup_persistence
true
-
username
usr_871663321
Targets
-
-
Target
test.cmd
-
Size
246B
-
MD5
2d797e5e30c2bd74dca3ff4313117abc
-
SHA1
a3d5b080a3b4d5f7c0eae7ce99b97f7602c3fc0b
-
SHA256
20fe5b613a2057a021fa54982a4853e63f18fccd1b4270afe99ed3d7a442d6e7
-
SHA512
aeed84d85d51b1b9a6acff0c80006f706b78a8d395d242216cc7a74c03a333d4d27c42518a4757688aada386dfac1896d5473e4fa010d47963ca4b0a33eb27d5
Score
10/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-