General

  • Target: 3085f6b9a1b032da3e69427923bfe8e4.bin
  • Size: 1.8MB
  • Sample: 240202-bg8bbsacc5
  • MD5: 73fb1b5413c426a48fc3328695f2a9f5
  • SHA1: 35680af7bfd15445aed759dd4abdc9a4981c10f8
  • SHA256: 5c3e61bef189b461dce14b541381e1ad78ae6f7afcefb86c76933002ff0d39be
  • SHA512: 9d5329a2620544905b4513de9d21c09b4d8057fb077d765ae87a3463a3d4525d69a1b61cce2f42446e2f91317bca0d12b730ab6de67d42649605defe53918a28
  • SSDEEP: 49152:qBo6r5GpM7djrnQs/4WkVLr3PHyoVqzYWCV8:Co/pM7dXfAWkV/3vysMrd

Malware Config

Targets

    • Target: doomday.msi
    • Size: 3.7MB
    • MD5: 426a59cd5e215e9f3696c1dcc8455d20
    • SHA1: 255d113da1dc32c3b341e643c01e9f5a13e060de
    • SHA256: ea673e0e6986e41a73c19dd2a9cfde3d2d4186ef52c23c1253dde2d54faca7b3
    • SHA512: 4b684a97aa6d3b08459b69fb610b6ad5458de56c056f79e91e164cd8914f58ed8734ea4493bbac42c18982a80ffea30d6ba4306ef722bafc49debd4b0f68540a
    • SSDEEP: 49152:TpUPbczduZ0Yx87nxODZGMFLnd+A1m4wcMO6XOf4BmCk2ZlZ:Tp1BB7nxOtFjfBwpOff4BmCk2Zl

    • DarkGate: DarkGate is an infostealer written in C++.
    • Detect DarkGate stealer
    • Modifies file permissions
    • Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks