General

  • Target

    25102023_2248_drkgate_data2.bin

  • Size

    405KB

  • Sample

    231025-r6rmwaah9w

  • MD5

    bef5fbc665d24dbc6d3ffb20c70613f1

  • SHA1

    3c5d35c855a141c2d891861499dbdf2d34e37255

  • SHA256

    cae52944498485b58cf44369de8b5cfe3590b9b2bad97ea7690f5c02853a2a10

  • SHA512

    34190125ef04d8519156eca2f5174a5e9c25662ef517d686b4a4b50327458401c3d4a9b4f08f3f0d38548b048cde8313ce0b9719de14586a0f9e704876d80268

  • SSDEEP

    6144:V5UTExW+vRaLjH5XVEqVomFDXfRhnJWoS1gAlCWZ4Tw:jUTExWnLjH5XVEqVvvnJWoSiAlTZ4

Malware Config

Extracted

  • Family

    darkgate

  • Botnet

    user_871236672

  • C2

    http://taochinashowwers.com

Attributes

  • alternative_c2_port

    8080

  • anti_analysis

    true

  • anti_debug

    true

  • anti_vm

    true

  • c2_port

    2351

  • check_disk

    true

  • check_ram

    true

  • check_xeon

    true

  • crypter_au3

    false

  • crypter_dll

    false

  • crypter_rawstub

    true

  • crypto_key

    MImlcsfyPCPETh

  • internal_mutex

    txtMut

  • minimum_disk

    35

  • minimum_ram

    6000

  • ping_interval

    4

  • rootkit

    true

  • startup_persistence

    true

  • username

    user_871236672
