darkgate | e2da9b2b37ad5b39de4f4491f8a805d44869b32d4b2563bf944dced4d0faa723 | Triage

Sharing

General

Target

4360-111-0x0000000004590000-0x00000000048C2000-memory.dmp
Size

3.2MB
Sample

231101-nawp6sfd5z
MD5

9fa4fc6ddc5044936b6f7bdacf63c82c
SHA1

daf16dec078b7f15a35aa94cbf9ca077d2668750
SHA256

e2da9b2b37ad5b39de4f4491f8a805d44869b32d4b2563bf944dced4d0faa723
SHA512

18e5e499820b6aa2289e73caf1e0e7b969ecc284bc70266a13d89f6959362159cccac337c0b9e91ac7b0cbacf4031d297181b7d5c7ed68cfe3cc65691256aff6
SSDEEP

6144:CCV9+GFr03BWVdh93StpWsUWR5cwmXVBfFTYccgcjsX3SYVN:r9P03BWR93IpxUWal/0ccBoSYv

Score

10^/10

darkgate user_871236672

Malware Config

Extracted

Family

darkgate

Botnet

user_871236672

C2

http://cheneseemeg7575.cash

http://annoyingannoying.vodka

http://uiahbmajokriswhoer.net

Attributes

alternative_c2_port
8080
anti_analysis
true
anti_debug
true
anti_vm
true
c2_port
2351
check_disk
true
check_ram
true
check_xeon
true
crypter_au3
false
crypter_dll
false
crypter_rawstub
true
crypto_key
TDoGTDSWKFuYaM
internal_mutex
txtMut
minimum_disk
35
minimum_ram
6000
ping_interval
4
rootkit
true
startup_persistence
true
username
user_871236672

Targets

- Target
  
  4360-111-0x0000000004590000-0x00000000048C2000-memory.dmp
- Size
  
  3.2MB
- MD5
  
  9fa4fc6ddc5044936b6f7bdacf63c82c
- SHA1
  
  daf16dec078b7f15a35aa94cbf9ca077d2668750
- SHA256
  
  e2da9b2b37ad5b39de4f4491f8a805d44869b32d4b2563bf944dced4d0faa723
- SHA512
  
  18e5e499820b6aa2289e73caf1e0e7b969ecc284bc70266a13d89f6959362159cccac337c0b9e91ac7b0cbacf4031d297181b7d5c7ed68cfe3cc65691256aff6
- SSDEEP
  
  6144:CCV9+GFr03BWVdh93StpWsUWR5cwmXVBfFTYccgcjsX3SYVN:r9P03BWR93IpxUWal/0ccBoSYv
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

user_871236672darkgate

behavioral1

behavioral2