Extracted

• • Target

    app(060e45bf7b57d4).js

  • Size

    252KB

  • MD5

    b428fd3b31d80dbdbbe4ee4949cfbe54

  • SHA1

    3f39780bffd9b6b04dba52843622497606808020

  • SHA256

    16613e7c07681726ab577e6ac14114cb42691838fa3c6c4c1bef7dafa2c7c4a0

  • SHA512

    dd77e51e0d6c573d7fe7a3d5ac50b23fe0d81a3323ad89f80a8a3eadd61dc2cff9a6f86ea7632315ec3549e7528053b3634ebc8aec158a3023ca434ea85988c3

  • SSDEEP

    6144:Fe7hgXeerjqlI2Iro+lJe7hgXeerjqlI2Iro+8:FIhgSlI23mJIhgSlI23V

  Score

  10^/10

  darkgateads5stealer

  • DarkGate

    DarkGate is an infostealer written in C++.

    stealerdarkgate

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2