Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2372-382-0x00000000033B0000-0x0000000003773000-memory.dmp

  • Size

    3.8MB

  • MD5

    029e909d229cae8c27f88db43a7a3db3

  • SHA1

    e2d2e3d0397f8b6f5b3172bbaceb81e1b2223566

  • SHA256

    c5053c57107398af21a9abcb2bda0ee5007b2d476881a55a69703aa309167985

  • SHA512

    eac509373b3bf42fd951de032beaf2d04486cb2c5c6f8e69628b7c4901879aeefe3609aa176a0896e444da8b5b79cff63170b5b51163498e105a5a60978a179a

  • SSDEEP

    12288:KRGXdWHWVGvhbIj4PqB0l7Ic8lYMoabSesC1WBqnup/qJC:KadW2VGpIjKqByMc8l3J2ev1WB+uJ6

Score
10/10
a1111darkgate

Malware Config

Extracted

Family

darkgate

Botnet

A1111

C2

http://wilsoncallert.com

Attributes
  • alternative_c2_port

    8080

  • anti_analysis

    true

  • anti_debug

    true

  • anti_vm

    false

  • c2_port

    2351

  • check_disk

    false

  • check_ram

    false

  • check_xeon

    false

  • crypter_au3

    true

  • crypter_dll

    false

  • crypter_rawstub

    false

  • crypto_key

    nSoLLNAEzUGGah

  • internal_mutex

    txtMut

  • minimum_disk

    100

  • minimum_ram

    4096

  • ping_interval

    4

  • rootkit

    true

  • startup_persistence

    true

  • username

    A1111

Signatures

Files

  • 2372-382-0x00000000033B0000-0x0000000003773000-memory.dmp