General
-
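Target (a memory-dump region, going by the file name: the address range 0x3A00000-0x3B95000 matches the 1.6MB size; the hashes below identify this dump, not the original on-disk sample)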
856-41-0x0000000003A00000-0x0000000003B95000-memory.dmp
-
Size
1.6MB
-
MD5
9b010b45c000f1c96a00e967d25495a2
-
SHA1
167cf96d74e8b569dcb6ae783c51a3de2b48cfa9
-
SHA256
f277f1bd710c603afa3fe6ae15257507801c2b0fb4a2d4a22524df271caaed81
-
SHA512
37804618a17c044342e354508954f92fe939cadcb9e83358eebb15f22f6c813a82f99a8b074b6aacae89aa2516a25dbea5c9dfcd37debcda8529480b00e7672b
-
SSDEEP
6144:H9zjI1taXgsJW7lXo1Y2O1cOX7jy8dv8aYoz+K6bLjNg:dzE1egsJW7lX04X7jyJXoz+KCLje
Malware Config
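Extracted (configuration values recovered from the target; they show how the sample is configured, not what was observed at run time)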
Family
darkgate
Botnet
A11111
C2
http://faststroygo.com
Attributes
-
alternative_c2_port
8080
-
anti_analysis
false
-
anti_debug
false
-
anti_vm
false
-
c2_port
80
-
check_disk
false
-
check_ram
false
-
check_xeon
false
-
crypter_au3
false
-
crypter_dll
false
-
crypter_rawstub
true
-
crypto_key
sYEvPOjQglaHah
-
internal_mutex
txtMut
-
minimum_disk
100
-
minimum_ram
4096
-
ping_interval
4
-
rootkit
true
-
startup_persistence
true
-
username
A11111
Signatures
-
Darkgate family
Files
-
856-41-0x0000000003A00000-0x0000000003B95000-memory.dmp