darkgate | 37ea19138d92d78440a3159bf4c475ccb68a520fddf63b4d0240a0e26f8ae871 | Triage

Submit
Reports

Overview

overview

Static

static

1

ea673e0e69...b3.msi

windows7-x64

ea673e0e69...b3.msi

windows10-2004-x64

Sharing

General

Target

426a59cd5e215e9f3696c1dcc8455d20.bin
Size

1.9MB
Sample

240202-blfrwacfgr
MD5

e64767d2e804feced891259d39dffa86
SHA1

83b5825ea7f19112ec347f5da974b84e08a4e88d
SHA256

37ea19138d92d78440a3159bf4c475ccb68a520fddf63b4d0240a0e26f8ae871
SHA512

186919243f0391a104ba9fe50a3dd1bc93dc6d656ba91f157db6cc2e127d51ead710f4bdf809f800e914d1d6503223ce247969f3f1ebaf14b6bf63bca6d01a2b
SSDEEP

49152:uBjDhWEKuQyXjbevE3JZHpzxWxOKIaq4oH26:uRUEKsfnpzUxOKIatd6

Score

10^/10

darkgate discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

ea673e0e6986e41a73c19dd2a9cfde3d2d4186ef52c23c1253dde2d54faca7b3.msi

Resource

win7-20231215-en

darkgate discovery stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

ea673e0e6986e41a73c19dd2a9cfde3d2d4186ef52c23c1253dde2d54faca7b3.msi

Resource

win10v2004-20231215-en

darkgate discovery stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  ea673e0e6986e41a73c19dd2a9cfde3d2d4186ef52c23c1253dde2d54faca7b3.msi
- Size
  
  3.7MB
- MD5
  
  426a59cd5e215e9f3696c1dcc8455d20
- SHA1
  
  255d113da1dc32c3b341e643c01e9f5a13e060de
- SHA256
  
  ea673e0e6986e41a73c19dd2a9cfde3d2d4186ef52c23c1253dde2d54faca7b3
- SHA512
  
  4b684a97aa6d3b08459b69fb610b6ad5458de56c056f79e91e164cd8914f58ed8734ea4493bbac42c18982a80ffea30d6ba4306ef722bafc49debd4b0f68540a
- SSDEEP
  
  49152:TpUPbczduZ0Yx87nxODZGMFLnd+A1m4wcMO6XOf4BmCk2ZlZ:Tp1BB7nxOtFjfBwpOff4BmCk2Zl
Score

10^/10

darkgate discovery stealer
- DarkGate
  DarkGate is an infostealer written in C++.
  stealer darkgate
- Detect DarkGate stealer
- Modifies file permissions
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkgatediscoverystealer

behavioral2

darkgatediscoverystealer

© 2018-2024

Terms | Privacy