Extracted

• • Target

    07112023_0247_app(060e45bf7b57d4).js

  • Size

    252KB

  • MD5

    52084d5af42edfe681c380b0fd8d1ca3

  • SHA1

    dcc445bb4a504c2bd1e0c3f0251b3fe4bf60c5b3

  • SHA256

    8f7c401cde820120aedfc52946a8493e0540ab3f9eaa38a4e8d138389e89bc84

  • SHA512

    b58d3973ea47c268c789915d94527a45a79165243015ccc69cbee29376cc4faed40b3abf0c9ebe2ac10bc1019bc55ee5e32b90a22432f541b361e34c9e985ac1

  • SSDEEP

    6144:je7hgXeerjqlI2Iro+He7hgXeerjqlI2Iro+8:jIhgSlI238IhgSlI23V

  Score

  10^/10

  darkgateads5stealer

  • DarkGate

    DarkGate is an infostealer written in C++.

    stealerdarkgate

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2