General

  • Target

    9c71b3dd94329b2649fd36ccd5f0df919126284883543cff573e103076ce3506.zip

  • Size

    1.7MB

  • Sample

    240402-l64dsaef96

  • MD5

    0a7b36e39d3578c004c24005f49a8ddc

  • SHA1

    cd9f308629fc5465ecdc93a8fbec2dbf708ce7e7

  • SHA256

    90ad24055d58230ddecb0ad267e663d9dcb8f5c10285016b2f3ae384695066b0

  • SHA512

    a03932e373f01b5e2fad948548c05736a0bd0e94c297513fa645864c21db204b0f417f8e84bbb382c346b99f3567b085470f698039f10c1d51201da40c38ed86

  • SSDEEP

    24576:d65KGFbe1wUb8dNBdJZn0EgcWeC8+PGGZaMLdFDIHiJn1nc4qjz5VS67nKKEGLnI:d659s1w9JlBbC8UKM5FjJn5TqVZbKqI

Targets

    • Target

      9c71b3dd94329b2649fd36ccd5f0df919126284883543cff573e103076ce3506.msi

    • Size

      3.8MB

    • MD5

      4b2e289610400400a87a347ac2010c59

    • SHA1

      b8ec5f89be7282a376e1026afdf68ed46753b978

    • SHA256

      9c71b3dd94329b2649fd36ccd5f0df919126284883543cff573e103076ce3506

    • SHA512

      4e1eef2cf6e355549e0eb10309e6b6efb538d88e86ff25c77c201aaff37500b7daa6489a8fef88cf93d53771fe8c80bcf16f4b71d00e3a4824fd20a615c2b0f5

    • SSDEEP

      49152:9pUPW9qhCxzT+WKjSXVRzLVI4s2kF6Wua/tB2KJP9C9/q6ZXc5vpSOCH7p76yTJF:9prCQVNLe6kcL+j2CP9CaCbp7

    • DarkGate

      DarkGate is an infostealer written in C++.

    • Detect DarkGate stealer

    • Modifies file permissions

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
