General

  • Target: 4396-29-0x0000000004B80000-0x0000000004D15000-memory.dmp
  • Size: 1.6MB
  • Sample: 231109-rs4qaahh2t
  • MD5: 67880016c9fc1f540a91d179c01478f0
  • SHA1: d6993db556d59465f96f5530e304664b5feb3e87
  • SHA256: cd5f4cb9de5c866351842c28acb80581b522f97efcf4a9f010ac19b48e9a9bf5
  • SHA512: fbcb4218e6e1be507b1163d2e69ce59f5a9e7586d2e3338e0ae9dc712cab6c7bb6fb8569a6b5887f0bac13530b998d1978ef5d780d96fab1e2985981bb874abd
  • SSDEEP: 12288:RgLuRAZAKltif4W+yYwZoq4pzsb+Xt6E77AC:RvAZCf4W+yYwZQpzu06UMC

Score: 10/10

Malware Config

Extracted

  • Family: darkgate
  • Botnet: ADS5
  • C2: http://siliconerumble.com

Attributes

  • alternative_c2_port: 8080
  • anti_analysis: true
  • anti_debug: true
  • anti_vm: true
  • c2_port: 443
  • check_disk: true
  • check_ram: true
  • check_xeon: false
  • crypter_au3: false
  • crypter_dll: false
  • crypter_rawstub: true
  • crypto_key: zSfdFmnnAquXKs
  • internal_mutex: txtMut
  • minimum_disk: 32
  • minimum_ram: 6003
  • ping_interval: 4
  • rootkit: true
  • startup_persistence: true
  • username: ADS5
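The extracted attributes above are directly actionable: the check_ram/check_disk flags with their minimum_ram and minimum_disk thresholds tell you whether a given analysis VM will even reach the C2 stage, and c2 plus c2_port/alternative_c2_port give the endpoints to block or hunt for. The following Python is an added example (not Triage's or DarkGate's code) that loads the config values from this report, decides whether a host profile passes the sample's environment checks, derives the C2 endpoints, and verifies a file against the report's hashes. The units of minimum_ram (MB) and minimum_disk (GB), the HostProfile shape and the Xeon-check semantics (refuse to run on a Xeon CPU when enabled) are assumptions.

```python
"""Act on the DarkGate config extracted in this report.

Added example; not code from the report, the sandbox or the malware.
"""
import hashlib
from dataclasses import dataclass

# Values copied from the report's "Malware Config" section.
CONFIG = {
    "family": "darkgate",
    "botnet": "ADS5",
    "c2": "http://siliconerumble.com",
    "c2_port": 443,
    "alternative_c2_port": 8080,
    "anti_vm": True,
    "check_disk": True,
    "check_ram": True,
    "check_xeon": False,
    "minimum_disk": 32,    # assumed unit: GB
    "minimum_ram": 6003,   # assumed unit: MB
    "internal_mutex": "txtMut",
    "rootkit": True,
    "startup_persistence": True,
}

# Hashes copied from the report's "General" section.
REPORT_HASHES = {
    "md5": "67880016c9fc1f540a91d179c01478f0",
    "sha1": "d6993db556d59465f96f5530e304664b5feb3e87",
    "sha256": "cd5f4cb9de5c866351842c28acb80581b522f97efcf4a9f010ac19b48e9a9bf5",
}


@dataclass
class HostProfile:
    """Assumed description of an analysis VM (not a report field)."""
    ram_mb: int
    disk_gb: int
    cpu_name: str


def environment_checks(cfg, host):
    """Return check name -> passed, for each check the config enables."""
    results = {}
    if cfg.get("check_ram"):
        results["ram"] = host.ram_mb >= cfg["minimum_ram"]
    if cfg.get("check_disk"):
        results["disk"] = host.disk_gb >= cfg["minimum_disk"]
    if cfg.get("check_xeon"):
        # Assumed semantics: a Xeon CPU is treated as a server/sandbox and fails.
        results["xeon"] = "xeon" not in host.cpu_name.lower()
    return results


def would_detonate(cfg, host):
    """True when the host passes every enabled environment check."""
    return all(environment_checks(cfg, host).values())


def c2_endpoints(cfg):
    """host:port pairs to block or hunt for, primary port first."""
    host = cfg["c2"].split("://", 1)[-1].rstrip("/")
    ports = [cfg["c2_port"]]
    alt = cfg.get("alternative_c2_port")
    if alt and alt not in ports:
        ports.append(alt)
    return [f"{host}:{p}" for p in ports]


def hash_matches_report(data: bytes):
    """Compare a file's digests with the report so you know it is the same artifact."""
    return {
        name: getattr(hashlib, name)(data).hexdigest() == expected
        for name, expected in REPORT_HASHES.items()
    }


if __name__ == "__main__":
    vm = HostProfile(ram_mb=4096, disk_gb=60, cpu_name="Intel Core i7")
    print("checks:", environment_checks(CONFIG, vm))
    print("would detonate:", would_detonate(CONFIG, vm))
    print("C2 endpoints:", c2_endpoints(CONFIG))
    with open("memory.dmp", "rb") as fh:   # path is a placeholder
        print("hash match:", hash_matches_report(fh.read()))
```

A 4 GB analysis VM fails the RAM check against minimum_ram 6003, so the sample would exit before beaconing; give the VM at least 6 GB of RAM and a 32 GB disk before re-detonating. Because check_xeon is false in this config, a Xeon-based host is not rejected.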
