General

  • Target

    2748-14-0x0000000004160000-0x0000000004523000-memory.dmp

  • Size

    3.8MB

  • Sample

    231011-n2hydsdd7w

  • MD5

    647d2a4dca16bbae086e8f2c7230cc75

  • SHA1

    d43ef323bd841d79e6c30f4ca62078c168285dd3

  • SHA256

    1a71f729b6480858f625c335553b39f7d7cbbb88da3a77bdb5597cd752e6e55f

  • SHA512

    513f7a612b8f2c039ce943bb930dd68b02832515ace906bc19695c661f2de9f327f62e124da931eb65c05e3f4b6f992b1f2770ad9201aba286ab91c878390f9f

  • SSDEEP

    12288:KdI3tW7x+Urjwoc963+xsBSEVkd8uMcfAMM/CjSJqnuR/8JC:KctWd+UYoc963+x+3kd5H4M9jSJ+uBE

Score
10/10

Malware Config

Extracted

  • Family

    darkgate

  • Botnet

    AA11

  • C2

    http://94.228.169.143

Attributes
  • alternative_c2_port

    8080

  • anti_analysis

    true

  • anti_debug

    true

  • anti_vm

    false

  • c2_port

    2351

  • check_disk

    false

  • check_ram

    false

  • check_xeon

    false

  • crypter_au3

    true

  • crypter_dll

    false

  • crypter_rawstub

    false

  • crypto_key

    QftsbpyrJeATQI

  • internal_mutex

    txtMut

  • minimum_disk

    100

  • minimum_ram

    4096

  • ping_interval

    4

  • rootkit

    true

  • startup_persistence

    true

  • username

    AA11

Targets

    Tasks