darkgate | 2040-116-0x0000000002A50000-0x0000000002BE5000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

General

Target

2040-116-0x0000000002A50000-0x0000000002BE5000-memory.dmp
Size

1.6MB
MD5

e18524afc91ca8ec8f43685ecd6f7caa
SHA1

8177849a4853b3d171943492c6e671848ee1f6de
SHA256

0a27cf5d27541f720f35742da16d0f08679839710a7f29e5c3689586e3a0c554
SHA512

5b437ea88535f84464381479049bf4b743e5d0428fa438c988778c3543f53862c7f5ca9b4e29fe029e95dac0c21a98ef61a14ffa02054179f2a0059da9651b2b
SSDEEP

6144:S49vx1rDWm5itdva5rVR9tlUtCnzXeQBICo/vkOmvyPogmbl2EH:3vXrDWxdva5rVR9tJSQBICCwvyPoRbD

Score

10^/10

ads5 darkgate

Malware Config

Extracted

Family

darkgate

Botnet

ADS5

C2

http://sftp.noheroway.com

Attributes

alternative_c2_port
8080
anti_analysis
true
anti_debug
true
anti_vm
true
c2_port
443
check_disk
true
check_ram
true
check_xeon
true
crypter_au3
false
crypter_dll
false
crypter_rawstub
true
crypto_key
ATXtlWVDuHaLOk
internal_mutex
txtMut
minimum_disk
40
minimum_ram
6000
ping_interval
4
rootkit
true
startup_persistence
true
username
ADS5

Signatures

Darkgate family
darkgate

Files

2040-116-0x0000000002A50000-0x0000000002BE5000-memory.dmp

© 2018-2025

Terms | Privacy