General
-
Target
2796-14-0x0000000004730000-0x0000000004AF3000-memory.dmp
-
Size
3.8MB
-
MD5
65e3ef00f571484a19cb4e62a0395e40
-
SHA1
657c24caf2686ce263de15add744bd23cc627de0
-
SHA256
f15c256502330fbe00167b093093440a10ebb07cfc85f5012c14ae81c5d4005a
-
SHA512
da06f84c6ca26c776957614f9818a1ddfdf89d30fe0d78d85a56b16df50837347000a9424893ba830e0a2dfa2b0c4c0ec53207d611d786d35046f232c452a390
-
SSDEEP
24576:Z9V5MWzlirmst6ZFuo5AoSvJSL+Mp+uNU:Z9V5imwKSvJSLql
Malware Config
Extracted
Family
darkgate
Botnet
AA11
C2
http://94.228.169.143
Attributes
-
alternative_c2_port
8080
-
anti_analysis
true
-
anti_debug
true
-
anti_vm
false
-
c2_port
2351
-
check_disk
false
-
check_ram
false
-
check_xeon
false
-
crypter_au3
true
-
crypter_dll
false
-
crypter_rawstub
false
-
crypto_key
QftsbpyrJeATQI
-
internal_mutex
txtMut
-
minimum_disk
100
-
minimum_ram
4096
-
ping_interval
4
-
rootkit
true
-
startup_persistence
true
-
username
AA11
Signatures
-
Darkgate family
Files
-
2796-14-0x0000000004730000-0x0000000004AF3000-memory.dmp