General
-
Target
2996-121-0x0000000002ED0000-0x00000000031FA000-memory.dmp
-
Size
3.2MB
-
Sample
231110-a9kkasgf6w
-
MD5
d12bbd4e2daee9720e0d7ecb47ed9470
-
SHA1
a3cb4ead70f7d82632b1e196e6b57ef71f1e23d1
-
SHA256
858f682676457852277e4d88d8b3142410eb263aa1cee0c85eab401a3e24a809
-
SHA512
e4847f77350b1caacca13e5f0c6d2a49dddee504d0e7dfc54c5084ec5ae0d550ce41d558381aadb97370e8315635e7be9c7627db84d366f92be77a4570c50347
-
SSDEEP
6144:xd3O2zvLWWZ6F96pe2VttZiMqq9zV1Q/ZuM2k+RVAZw:73O2zjWx96pe2VtHZe/Z3+vA
Behavioral task
behavioral1
Sample
2996-121-0x0000000002ED0000-0x00000000031FA000-memory.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
2996-121-0x0000000002ED0000-0x00000000031FA000-memory.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
darkgate
user_871236672
http://hadfadf87yuadfad.com
-
alternative_c2_port
8080
-
anti_analysis
true
-
anti_debug
true
-
anti_vm
true
-
c2_port
2351
-
check_disk
true
-
check_ram
true
-
check_xeon
true
-
crypter_au3
false
-
crypter_dll
false
-
crypter_rawstub
true
-
crypto_key
CbTWFsAhFuOWYT
-
internal_mutex
txtMut
-
minimum_disk
40
-
minimum_ram
7000
-
ping_interval
4
-
rootkit
true
-
startup_persistence
true
-
username
user_871236672
Targets
-
-
Target
2996-121-0x0000000002ED0000-0x00000000031FA000-memory.dmp
-
Size
3.2MB
-
MD5
d12bbd4e2daee9720e0d7ecb47ed9470
-
SHA1
a3cb4ead70f7d82632b1e196e6b57ef71f1e23d1
-
SHA256
858f682676457852277e4d88d8b3142410eb263aa1cee0c85eab401a3e24a809
-
SHA512
e4847f77350b1caacca13e5f0c6d2a49dddee504d0e7dfc54c5084ec5ae0d550ce41d558381aadb97370e8315635e7be9c7627db84d366f92be77a4570c50347
-
SSDEEP
6144:xd3O2zvLWWZ6F96pe2VttZiMqq9zV1Q/ZuM2k+RVAZw:73O2zjWx96pe2VtHZe/Z3+vA
Score1/10 -