darkgate | 1c234c5ba3f3049f5e8783ff2474f33ca5b2c1094329d50fd2c95b6065cfa112 | Triage

Submit
Reports

Overview

overview

Static

static

1

bad.bat

windows11-21h2-x64

Sharing

General

Target

bad.bat
Size

77B
Sample

240506-xg3xhaec2s
MD5

ef00fa47ec774fcccffdb0de508bdd42
SHA1

e491fea5c9023b0858bb65433605257d1c123fac
SHA256

1c234c5ba3f3049f5e8783ff2474f33ca5b2c1094329d50fd2c95b6065cfa112
SHA512

0bd3f151ff6798315dea3df4efdf271bfcc6d6caec19aecc2262bfbada652de83aaba6b99b38d9ccf2dac2af770b05e426d292b1e3fc1959fa7e2205f5596a25

Score

10^/10

darkgate admin888 execution stealer

Static task

static1

Behavioral task

behavioral1

Sample

bad.bat

Resource

win11-20240419-en

darkgate admin888 execution stealer

windows11-21h2-x64

19 signatures

150 seconds

Malware Config

Extracted

Family

darkgate

Botnet

admin888

C2

findyourbackups.com

Attributes

anti_analysis
false
anti_debug
false
anti_vm
false
c2_port
80
check_disk
false
check_ram
false
check_xeon
false
crypter_au3
false
crypter_dll
false
crypter_raw_stub
false
internal_mutex
ljuGymXn
minimum_disk
100
minimum_ram
4096
ping_interval
6
rootkit
false
startup_persistence
true
username
admin888

Targets

- Target
  
  bad.bat
- Size
  
  77B
- MD5
  
  ef00fa47ec774fcccffdb0de508bdd42
- SHA1
  
  e491fea5c9023b0858bb65433605257d1c123fac
- SHA256
  
  1c234c5ba3f3049f5e8783ff2474f33ca5b2c1094329d50fd2c95b6065cfa112
- SHA512
  
  0bd3f151ff6798315dea3df4efdf271bfcc6d6caec19aecc2262bfbada652de83aaba6b99b38d9ccf2dac2af770b05e426d292b1e3fc1959fa7e2205f5596a25
Score

10^/10

darkgate admin888 execution stealer
- DarkGate
  DarkGate is an infostealer written in C++.
  stealer darkgate
- Detect DarkGate stealer
- Blocklisted process makes network request
- Executes dropped EXE
- Command and Scripting Interpreter: AutoIT
  Using AutoIT for possible automate script.
  execution
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AutoHotKey & AutoIT

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkgateadmin888executionstealer

© 2018-2025

Terms | Privacy