darkgate | 4444-16-0x0000000004A70000-0x0000000004E33000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

4444-16-0x0000000004A70000-0x0000000004E33000-memory.dmp
Size

3.8MB
MD5

0e7913bfd15943a8ce26d8275334f589
SHA1

4b2c0ce35d08ba6117eda2c2410913d6ff4231a6
SHA256

e7c734cb5aef706ab571d0103492d34ab81b1271fba35f5cf81aa18a80797a10
SHA512

02204e03e18e8f1da5898ade4fb5e0eed1af67413586dcc07064f9e62785bc2d0bd2d1adf644208cb99c6fb3594e2cba6c01ce80b67a54d6516bb97ff592f772
SSDEEP

12288:PwrUAW7ByABm5QLlftV2sZa8Q0d859jnFaXn9V6cg5qnul/lJC:P7AWNy95Q5VVtpQ0m5FFaXL6cQ+ut3

Score

10^/10

ricoc darkgate

Malware Config

Extracted

Family

darkgate

Botnet

Ricoc

C2

http://5.188.87.58

Attributes

alternative_c2_port
9999
anti_analysis
false
anti_debug
true
anti_vm
false
c2_port
2351
check_disk
false
check_ram
false
check_xeon
false
crypter_au3
true
crypter_dll
false
crypter_rawstub
false
crypto_key
DDrEhtzsHPvezn
internal_mutex
bKcDaE
minimum_disk
100
minimum_ram
4096
ping_interval
4
rootkit
true
startup_persistence
true
username
Ricoc

Signatures

Darkgate family
darkgate

Files

4444-16-0x0000000004A70000-0x0000000004E33000-memory.dmp

© 2018-2025

Terms | Privacy