darkgate | 5cf651f60c14427bfba1a913cd616444ef4eb43d6dbc3a94f90b59be60e4c0d3 | Triage

Sharing

General

Target

1252-97-0x00000000045E0000-0x000000000490A000-memory.dmp
Size

3.2MB
Sample

231103-n5tt3acb77
MD5

045f9d9b8b5b5352a60a2dfaf2a471a7
SHA1

4b8cbd6752e5c7790c7be999253842be136c24bf
SHA256

5cf651f60c14427bfba1a913cd616444ef4eb43d6dbc3a94f90b59be60e4c0d3
SHA512

befc8c6d5b8783a941acb2ac17481d4ef90e99e86c098bbff261c258af4f0e140ad4488ed059b97a5e43c2e8bd3a83472df06e2511825b4e425286fc2066098d
SSDEEP

6144:8pSULfUiWHqPEbYRSUhj+01GJ3XS3kcx6EdUo8wsKMMcd:aSefUiW4EbYRSUhj+lY0EdUPwEM

Score

10^/10

darkgate ads5

Malware Config

Extracted

Family

darkgate

Botnet

ADS5

C2

http://sftp.bitepieces.com

Attributes

alternative_c2_port
8080
anti_analysis
true
anti_debug
true
anti_vm
true
c2_port
443
check_disk
true
check_ram
true
check_xeon
true
crypter_au3
false
crypter_dll
false
crypter_rawstub
true
crypto_key
cMRrocZshCGeXq
internal_mutex
txtMut
minimum_disk
30
minimum_ram
6000
ping_interval
4
rootkit
true
startup_persistence
true
username
ADS5

Targets

- Target
  
  1252-97-0x00000000045E0000-0x000000000490A000-memory.dmp
- Size
  
  3.2MB
- MD5
  
  045f9d9b8b5b5352a60a2dfaf2a471a7
- SHA1
  
  4b8cbd6752e5c7790c7be999253842be136c24bf
- SHA256
  
  5cf651f60c14427bfba1a913cd616444ef4eb43d6dbc3a94f90b59be60e4c0d3
- SHA512
  
  befc8c6d5b8783a941acb2ac17481d4ef90e99e86c098bbff261c258af4f0e140ad4488ed059b97a5e43c2e8bd3a83472df06e2511825b4e425286fc2066098d
- SSDEEP
  
  6144:8pSULfUiWHqPEbYRSUhj+01GJ3XS3kcx6EdUo8wsKMMcd:aSefUiW4EbYRSUhj+lY0EdUPwEM
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2