Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4636-16-0x0000000004B40000-0x0000000004F03000-memory.dmp

  • Size

    3.8MB

  • Sample

    231011-spxm8sfb7z

  • MD5

    336e159f1192ef5be0bb6a877dbf0bbc

  • SHA1

    70c0b6c34b4211ec24b53ea90383eeade02d2170

  • SHA256

    5f66094a71306d095d35355bc47ef66b26ca0fb5058ecd171f6f61bde948f8bf

  • SHA512

    5b19d83f681ad3354ebe06eed8ff715f25af9612ffee70d2ce673222eb496751989c183a22cf55dbf4dfcdd8a925fc3aa0d2d15c3443075343d61c12e3835f9b

  • SSDEEP

    12288:QH2Zd+gWswKAJb52TGkd9mXHicUTWOSm7eIowGMmdjqnup//JC:QWvjWsXAH2qkd9mzUTL/aINZm5+uJR

Score
10/10
darkgatericoc

Malware Config

Extracted

Family

darkgate

Botnet

Ricoc

C2

http://5.188.87.58

Attributes
  • alternative_c2_port

    9999

  • anti_analysis

    false

  • anti_debug

    true

  • anti_vm

    false

  • c2_port

    2351

  • check_disk

    false

  • check_ram

    false

  • check_xeon

    false

  • crypter_au3

    true

  • crypter_dll

    false

  • crypter_rawstub

    false

  • crypto_key

    DDrEhtzsHPvezn

  • internal_mutex

    bKcDaE

  • minimum_disk

    100

  • minimum_ram

    4096

  • ping_interval

    4

  • rootkit

    true

  • startup_persistence

    true

  • username

    Ricoc

Targets

    Tasks