Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3996-73-0x0000000004AC0000-0x0000000004E83000-memory.dmp

  • Size

    3.8MB

  • MD5

    61064e9de9f337605316881b435ff7d3

  • SHA1

    d1ec5c112e2befa5336609a4ed4ff1af01145ce6

  • SHA256

    52a5cd64964ba34a79fdfe8296db2d2eff2aff0484d55c79bfc1c65dbf6e8593

  • SHA512

    0142725f8cd09fba354882e127f3913edec9b8e50784dc40693c8c0ad2bfc554702288c21878cdaeb692f0dfb60ea63e5c21a2677502d5fa3b9bc8281644402f

  • SSDEEP

    12288:IfOCafzWvuBgh7B+KsNkffb0IKu+qOLmIgYBm292qnuJ/YJC:IKrW6gX+KsNAT07T/CItBmp+upI

Score
10/10
aa11darkgate

Malware Config

Extracted

Family

darkgate

Botnet

AA11

C2

http://94.228.169.143

Attributes
  • alternative_c2_port

    8080

  • anti_analysis

    true

  • anti_debug

    true

  • anti_vm

    false

  • c2_port

    2351

  • check_disk

    false

  • check_ram

    false

  • check_xeon

    false

  • crypter_au3

    true

  • crypter_dll

    false

  • crypter_rawstub

    false

  • crypto_key

    IDmfxvToPtabWZ

  • internal_mutex

    txtMut

  • minimum_disk

    100

  • minimum_ram

    4096

  • ping_interval

    4

  • rootkit

    true

  • startup_persistence

    true

  • username

    AA11

Signatures

Files

  • 3996-73-0x0000000004AC0000-0x0000000004E83000-memory.dmp