General
-
Target
hacks.txt
-
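Size
84B (a file this small is presumably a stager or script rather than the DarkGate payload itself; the hashes below identify only this submitted file)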
-
Sample
240424-xm276afe44
-
MD5
e751540f9566e0b6b21b8793f32c1322
-
SHA1
25092e2748f6e1d2fb75c9e3d0f18a867744a74f
-
SHA256
a333d81913f8dcfc62440055dec0396b39ef3296eb3defeff393a153c6b044dc
-
SHA512
e89d2cdf799a3ba8ad5ea26e542708d0b756f4e8719611e1c6380fbb7c044dd7a953fe23ae7570118b8959d42e84422cd04f1fd604fc940b8bce6a4296a651ff
Static task
static1
Malware Config
Extracted
Family: darkgate
Identifier (matches the username config field): seal001
C2: 185.196.220.194
-
anti_analysis
false
-
anti_debug
false
-
anti_vm
false
-
c2_port
80
-
check_disk
false
-
check_ram
false
-
check_xeon
false
-
crypter_au3
false
-
crypter_dll
false
-
crypter_raw_stub
false
-
internal_mutex
QPNVenzK
-
minimum_disk
100
-
minimum_ram
4096
-
ping_interval
6
-
rootkit
false
-
startup_persistence
false
-
username
seal001
Targets
-
-
Target
hacks.txt
-
Size
84B
-
MD5
e751540f9566e0b6b21b8793f32c1322
-
SHA1
25092e2748f6e1d2fb75c9e3d0f18a867744a74f
-
SHA256
a333d81913f8dcfc62440055dec0396b39ef3296eb3defeff393a153c6b044dc
-
SHA512
e89d2cdf799a3ba8ad5ea26e542708d0b756f4e8719611e1c6380fbb7c044dd7a953fe23ae7570118b8959d42e84422cd04f1fd604fc940b8bce6a4296a651ff
-
Detect DarkGate stealer
-
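Adds Run key to start application (behavioural signature; the extracted config lists startup_persistence as false, so check for Run-key persistence regardless of that flag)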
-
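Suspicious use of NtCreateThreadExHideFromDebugger (thread creation with the hide-from-debugger flag is an anti-debugging technique, even though the extracted config lists anti_debug as false)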
-