97100a8da2146d6a9d4746a850a84d79a3c941cefacb0357f346ed44c653adad

Resubmissions

01-06-2024 21:09

240601-zzxvbafa7v 7

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-14-DarkGate-malware-and-artifacts.zip
Size

2.9MB
Sample

240601-zzxvbafa7v
MD5

6d9f4fbc9db6a47636e0caa14561b003
SHA1

7fc9a0e88073708c53b2fd63a3f5737bdf50a755
SHA256

97100a8da2146d6a9d4746a850a84d79a3c941cefacb0357f346ed44c653adad
SHA512

a5dca4873f7e946b7a7415011fbff5a1a47f059e1c0b839fbca79b6c8645c3b84e1f7958cfc7f626c5740ea89afac9bdd9345c700ffd4cbb33140b5142200da0
SSDEEP

49152:cYHrKLMvGChY1q1B9KUl9aHAZVx1qoiWqvrICkWmISsTi/uXuQgumBnnt9ePQhaj:lLRGHYB7l9FqbvUVdsTnXGnnt98Q0Gzc

Score

7^/10

execution

Malware Config

Targets

- Target
  
  01-HTML-files-13-examples/May_119275.html
- Size
  
  61KB
- MD5
  
  2b9647e5c3057dfa684326fa9c484a16
- SHA1
  
  ec38a04f0040c80fe4a29adc0adb4ac78dc3e844
- SHA256
  
  b8229d8cc26b1622815a3d3537ab3c6a4a1ec24888953eda0d69cd602f05c272
- SHA512
  
  c1d5a1122e189db3e36ffd3f56584098e4f41e42542a64cd0bcede40b9dc996f38ec2c5b1a877e89cd83b2c6affc961e96cf7c3c82f185b29dbf5d67064440f2
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AaH5dyM:Uzxu6xdK2F//B04m/AaH3yM
Score

1^/10
behavioral1 behavioral2
- Target
  
  01-HTML-files-13-examples/May_234892.html
- Size
  
  61KB
- MD5
  
  f6edba2fed2aee71bb5c9359343dae7c
- SHA1
  
  e0ea388c24115ec17636d895b0d95691f7c5be35
- SHA256
  
  3fe42a4a39f3d0136df91b1d1b2959229cbe0e3cf2f4106e007b3f4f5548e80a
- SHA512
  
  3ad255c445e1b00b799b1b2b6e6baf70a6dc8e73709b79d6e2f1a1339eb726682881fb3af7b03a658d497d759e6a6c0b9420de3eb0165ebc95c66991e9ef9d76
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AmH5dyM:Uzxu6xdK2F//B04m/AmH3yM
Score

1^/10
behavioral3 behavioral4
- Target
  
  01-HTML-files-13-examples/May_299872.html
- Size
  
  61KB
- MD5
  
  ee09ae144c8ed2e18acf84e5a00bf657
- SHA1
  
  b28023918046db2d587281f63ea1ab2fde7a36d1
- SHA256
  
  224d0143a56436022401792f17fb3794684c4f5f8041dd650de1d3fb8494fbfd
- SHA512
  
  9c2ef433afbb7d603ffd95e561b4214514b793c24ff9986278ad4cee5e2f5a2c660814e38588a24748d35940727baf5b964693a59aefc3f82ce08ae2b850fb14
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AlH5dyM:Uzxu6xdK2F//B04m/AlH3yM
Score

1^/10
behavioral5 behavioral6
- Target
  
  01-HTML-files-13-examples/May_328152.html
- Size
  
  61KB
- MD5
  
  2876570bfe29414cdbde42892f090659
- SHA1
  
  9385e99f7c661bbd268960e921245c4a0c354e00
- SHA256
  
  7d89719f670760b2947490c40649128ccaf5fbc07368cfb2763ca3998c6cd9f9
- SHA512
  
  d7bed410f67dcb4294b5ceda59e441daec46e5925dea456bcb7a41a21f021e775a964e68e54f530dbb2aee312cc78b6c295601ad94adbbf21f203e9d81efe648
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/A9H5dyM:Uzxu6xdK2F//B04m/A9H3yM
Score

1^/10
behavioral7 behavioral8
- Target
  
  01-HTML-files-13-examples/May_436171.html
- Size
  
  61KB
- MD5
  
  18f17f508a5daf91aed0ed966c029dc2
- SHA1
  
  1f8f6b379fa318467a8986b8fada4d1443a5e115
- SHA256
  
  0f1c3f1142a2d8fa1e38325830f53ed18a9a2110f6f390f0c514f379cda6d752
- SHA512
  
  64f6e92205514533005df479686244ec1ee473b38757a42480abf299a269e426d260fba749f3bf4f1dd18a72555327a4ffe887bbdf9ba63537033176346e303b
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AZH5dyM:Uzxu6xdK2F//B04m/AZH3yM
Score

1^/10
behavioral10 behavioral9
- Target
  
  01-HTML-files-13-examples/May_446619.html
- Size
  
  61KB
- MD5
  
  3ae80a16ef94efec40c411ae13786d6d
- SHA1
  
  d6f48b8a5b905ad9e55a59e3d5215a2bd558f862
- SHA256
  
  638c9af9e73f0ba1f92022c5eb0f2b42a7f15471d18678c91690d291b5ca68f9
- SHA512
  
  bdaa3a1c6ce8aed1957da1b1950878e900bb8a58775ba3159e3f467c553990d7eb79fb069f9dde319be51b695f898553faf7f0eb3eef323c70e54d4b19519419
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/ApH5dyM:Uzxu6xdK2F//B04m/ApH3yM
Score

1^/10
behavioral11 behavioral12
- Target
  
  01-HTML-files-13-examples/May_447386.html
- Size
  
  61KB
- MD5
  
  f52d23bb326cb7f5dbf35908d4eea9da
- SHA1
  
  26192b2b4f27d546c6f1ba04d2f2e1dc3ee02ae7
- SHA256
  
  0f48436d98086390b6ddefd7ad9974947224400d419f6d9373e29ca47e8e8357
- SHA512
  
  7958ca8b953cd9760c5cbd52b23df8a7165f5d52d51df63fc23445840e67c372d10a2b8e6cc64101d6dbf3edf9a53f59d2a2548e8f09b5dbeabaabd49355e41a
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/A8H5dyM:Uzxu6xdK2F//B04m/A8H3yM
Score

1^/10
behavioral13 behavioral14
- Target
  
  01-HTML-files-13-examples/May_554063.html
- Size
  
  61KB
- MD5
  
  4b7798f65799eca7a80cf10b9d5df77b
- SHA1
  
  a94a1b8f290616c879912331324735515bf01f82
- SHA256
  
  01037b2cc999d1d16c1ebcc90d35c3b6f61c543f78d03e495dd924d50db818b0
- SHA512
  
  db9f2c4fca5bc165b3934ebebcb671f5e8b072fca3cbcafee9f64da851f166bff73ea7492bf839466dd4ded8077583787be8fa6ae08522775ddbd5d4229bda32
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AzH5dyM:Uzxu6xdK2F//B04m/AzH3yM
Score

1^/10
behavioral15 behavioral16
- Target
  
  01-HTML-files-13-examples/May_583479.html
- Size
  
  61KB
- MD5
  
  62a102ed05018fdfe266452f68fca782
- SHA1
  
  37a64a6549ae601803873b4a0543129fba075c88
- SHA256
  
  107994ddca0ed2b774041c076b699df4f34d2fbdca11539404571cb133d41554
- SHA512
  
  d235c6d105e4ff8f9743668224d9e13ddde6895c3d143ac6cb3eb1485bb3f3ce8409c8a4ff1c9186397dbb156f56104046f8c8b4bcea228b33e71e848f28512d
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AgH5dyM:Uzxu6xdK2F//B04m/AgH3yM
Score

1^/10
behavioral17 behavioral18
- Target
  
  01-HTML-files-13-examples/May_654380.html
- Size
  
  61KB
- MD5
  
  e0324c51ad89c8d548b0fadcd5433eb3
- SHA1
  
  2ea3be2cca7e35dd26fa6c35bbe4052ec5d6a9c3
- SHA256
  
  e8dcc385584b5859ef5674bf26a986957a6eaeab87389fad2c9bcca9ca900456
- SHA512
  
  142df604bb855fe0172a43bf07ce70e3fc7e8269d021cc9a2143b6a72e84194a10930fcc496cb8ab40119d64859466581acce03a66fec14e72de3ddb45411615
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AxH5dyM:Uzxu6xdK2F//B04m/AxH3yM
Score

1^/10
behavioral19 behavioral20
- Target
  
  01-HTML-files-13-examples/May_673434.html
- Size
  
  61KB
- MD5
  
  ae96ed9e0e5217dc6219fd2e0c7fb526
- SHA1
  
  08081b9cd39ed40f8051a1b8eed2b90d5be4b707
- SHA256
  
  28c3ecfb7bf397fb6713ca739162b676f57b58fc10a62003e1bc2d9f364e4cfc
- SHA512
  
  8d142a2996a9304cdcda417ee84b367ea0314293e1fbef07a302b003328f4620520965caccb164fbcc2170fa000e486ca13cb2214c7ad47b01fabdba5197acd2
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/A9H5dyM:Uzxu6xdK2F//B04m/A9H3yM
Score

1^/10
behavioral21 behavioral22
- Target
  
  01-HTML-files-13-examples/May_765966.html
- Size
  
  61KB
- MD5
  
  1996b7d89e35d08c27f3e5ad9e0d2580
- SHA1
  
  200e19b0fa27f58db8af15967c8ad24e86d16236
- SHA256
  
  232b5aee821e426540ee151fe260fe4fb05b6bff1d3d4de6c65b8de22b1c13fd
- SHA512
  
  1b70750baa81b4bc3cebfad68c81fe1783e7dd2ebc0443fd25ea38f7df957a8255d015fbfdedd6f605a49ca5adf8cd4772e8e2f057aff3917aea3a8363a16a9c
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AoH5dyM:Uzxu6xdK2F//B04m/AoH3yM
Score

1^/10
behavioral23 behavioral24
- Target
  
  01-HTML-files-13-examples/May_787116.html
- Size
  
  61KB
- MD5
  
  deb59791141437efdf0ed373a5b13102
- SHA1
  
  8c06b9d9c732fe4aefe37f65dd20e56322385349
- SHA256
  
  b83ce1fb93f6e9f4d52deb736d1362e645a6e5a8f8371ee77a21228140f541b0
- SHA512
  
  46d947126db3070f4ae2297bbfbe96bc896018f0c1da39d909dc0853e36c90570c65c654bb4f6597cdc5d412e5d5bcc95508b503c16a1e9b0c83ac467c3d733e
- SSDEEP
  
  1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/ANH5dyM:Uzxu6xdK2F//B04m/ANH3yM
Score

1^/10
behavioral25 behavioral26
- Target
  
  02-downloaded-HTA-file/ok.hta
- Size
  
  2KB
- MD5
  
  a77becccca5571c00ebc9e516fd96ce8
- SHA1
  
  d8fb7d7985860e813d33927aa95f7ac54ff400b6
- SHA256
  
  5c204217d48f2565990dfdf2269c26113bd14c204484d8f466fb873312da80cf
- SHA512
  
  03d14473a27a83d56d80a489413fc3e1f543a4478f5e77ec120142cd1f4ebbe76d7d1c2d0edcdb214ec3c28cfb2bd7ce157d80abf4c727cbda729bfde8627149
Score

7^/10

execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral27 behavioral28
- Target
  
  03-malware-and-artifacts-from-an-infected-host/C__ProgramData_febabbh/Autoit3.exe
- Size
  
  872KB
- MD5
  
  c56b5f0201a3b3de53e561fe76912bfd
- SHA1
  
  2a4062e10a5de813f5688221dbeb3f3ff33eb417
- SHA256
  
  237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
- SHA512
  
  195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
- SSDEEP
  
  12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score

3^/10
behavioral29 behavioral30
- Target
  
  03-malware-and-artifacts-from-an-infected-host/C__nkll/Autoit3.exe
- Size
  
  872KB
- MD5
  
  c56b5f0201a3b3de53e561fe76912bfd
- SHA1
  
  2a4062e10a5de813f5688221dbeb3f3ff33eb417
- SHA256
  
  237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
- SHA512
  
  195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
- SSDEEP
  
  12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32