Overview

overview

10

Static

static

5

16022024_0...te.exe

windows7-x64

10

16022024_0...te.exe

windows10-2004-x64

10

Resubmissions

15/02/2024, 17:49

240215-wd38esdc39 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    16022024_0149_reader_update.exe

  • Size

    1023KB

  • Sample

    240215-wd38esdc39

  • MD5

    a74ae422391a22b5469135ae7f0cbf7d

  • SHA1

    c475b69e647c55c94e4cb654af3e3248280fb5af

  • SHA256

    2f13c4d57fe43929fbf507699fc6701459b0a118616776995d437787ba558042

  • SHA512

    496ed98f57818fe6240d8ead975ff6e31857a6df92b3dbbf6b8d091eceb32e7a0a71c42d70d0fd75f3f102eb3a36145d9a7d54060a9ec79c37432d62c5afac22

  • SSDEEP

    24576:prORE29TTVx8aBRd1h1orq+GWE0Jc5bDTj1Vyv9Tvabyk:p2EYTb8atv1orq+pEiSDTj1VyvBabV

Score
10/10
darkgatestealer

Malware Config

Targets

    • Target

      16022024_0149_reader_update.exe

    • Size

      1023KB

    • MD5

      a74ae422391a22b5469135ae7f0cbf7d

    • SHA1

      c475b69e647c55c94e4cb654af3e3248280fb5af

    • SHA256

      2f13c4d57fe43929fbf507699fc6701459b0a118616776995d437787ba558042

    • SHA512

      496ed98f57818fe6240d8ead975ff6e31857a6df92b3dbbf6b8d091eceb32e7a0a71c42d70d0fd75f3f102eb3a36145d9a7d54060a9ec79c37432d62c5afac22

    • SSDEEP

      24576:prORE29TTVx8aBRd1h1orq+GWE0Jc5bDTj1Vyv9Tvabyk:p2EYTb8atv1orq+pEiSDTj1VyvBabV

    Score
    10/10
    darkgatestealer

    • DarkGate

      DarkGate is an infostealer written in C++.

      stealerdarkgate

    • Detect DarkGate stealer

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks