General

  • Target

    2e1bcf78fc03408afbd8f0eee3607b40780cc0362145c0ca9c2e063f7d33fd40.zip

  • Size

    1.7MB

  • Sample

    240402-l6zqlaeb9x

  • MD5

    c41d626b3f06b7e7c319899d4a48a181

  • SHA1

    9f4e3e5b04346010e0c4438ea4450523cb28f468

  • SHA256

    02a39bc189520c404c13f42cd00a9297ff3420ad29837ae081be040751bf51a2

  • SHA512

    589b5acb96d10e0f7d7207315e807c5cee1fa2167ed9f25de97d79917215f1606b4428bd7c3d76d36f7f601b24eca7374f911225e9b80e229b638eee9135bd59

  • SSDEEP

    24576:TLBrxcvc9uAlVKGm5i1JwSnkVN9e51u0CN1fB9cEtDbs0OsYzKCfavZqXuAbCXAy:THcYFzjhnSNsU5B9cqsGaTTXuA6AIN

Targets

    • Target

      reincarnation.msi

    • Size

      3.8MB

    • MD5

      4b2e289610400400a87a347ac2010c59

    • SHA1

      b8ec5f89be7282a376e1026afdf68ed46753b978

    • SHA256

      9c71b3dd94329b2649fd36ccd5f0df919126284883543cff573e103076ce3506

    • SHA512

      4e1eef2cf6e355549e0eb10309e6b6efb538d88e86ff25c77c201aaff37500b7daa6489a8fef88cf93d53771fe8c80bcf16f4b71d00e3a4824fd20a615c2b0f5

    • SSDEEP

      49152:9pUPW9qhCxzT+WKjSXVRzLVI4s2kF6Wua/tB2KJP9C9/q6ZXc5vpSOCH7p76yTJF:9prCQVNLe6kcL+j2CP9CaCbp7

    • DarkGate

      DarkGate is an infostealer written in C++.

    • Detect DarkGate stealer

    • Modifies file permissions

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
