General
-
Target
2948-104-0x0000000002EE0000-0x0000000003212000-memory.dmp
-
Size
3.2MB
-
Sample
231102-hf9akaad89
-
MD5
26ddbf2222d12b07b060f09961c89d42
-
SHA1
d03ff3fdb30443deffd4b2214512e7546ab42d03
-
SHA256
152d6c4798c82adf5273cf1aa11f04f9724704fa8ed2eec18f2ce90d83a83cbd
-
SHA512
e5e8ddcd5b9f29d1c27750cfbb21fc0cd8b6c50c4c23d6f08d4b10475ddcbc6c190acd0a317165363c9111f5dc59ee3aba771461472f80a185707571ad905a52
-
SSDEEP
6144:nB8aLLFKcWHs6XiXRtmKdeDWDjjSXljxdI6ahzPt:B84FKcW/XiXRtmdXl9j+zV
Malware Config
Extracted
darkgate
ADS5
http://sftp.firestarted.com
-
alternative_c2_port
8080
-
anti_analysis
true
-
anti_debug
true
-
anti_vm
true
-
c2_port
443
-
check_disk
true
-
check_ram
true
-
check_xeon
true
-
crypter_au3
false
-
crypter_dll
false
-
crypter_rawstub
true
-
crypto_key
fEOLPWGbELUQMh
-
internal_mutex
txtMut
-
minimum_disk
30
-
minimum_ram
6000
-
ping_interval
4
-
rootkit
true
-
startup_persistence
true
-
username
ADS5
Targets
-
-
Target
2948-104-0x0000000002EE0000-0x0000000003212000-memory.dmp
-
Size
3.2MB
-
MD5
26ddbf2222d12b07b060f09961c89d42
-
SHA1
d03ff3fdb30443deffd4b2214512e7546ab42d03
-
SHA256
152d6c4798c82adf5273cf1aa11f04f9724704fa8ed2eec18f2ce90d83a83cbd
-
SHA512
e5e8ddcd5b9f29d1c27750cfbb21fc0cd8b6c50c4c23d6f08d4b10475ddcbc6c190acd0a317165363c9111f5dc59ee3aba771461472f80a185707571ad905a52
-
SSDEEP
6144:nB8aLLFKcWHs6XiXRtmKdeDWDjjSXljxdI6ahzPt:B84FKcW/XiXRtmdXl9j+zV
Score1/10 -