Resubmissions
01-06-2024 21:09
240601-zzxvbafa7v 7
General
-
Target
2024-05-14-DarkGate-malware-and-artifacts.zip
-
Size
2.9MB
-
Sample
240604-3sr72afe5w
-
MD5
6d9f4fbc9db6a47636e0caa14561b003
-
SHA1
7fc9a0e88073708c53b2fd63a3f5737bdf50a755
-
SHA256
97100a8da2146d6a9d4746a850a84d79a3c941cefacb0357f346ed44c653adad
-
SHA512
a5dca4873f7e946b7a7415011fbff5a1a47f059e1c0b839fbca79b6c8645c3b84e1f7958cfc7f626c5740ea89afac9bdd9345c700ffd4cbb33140b5142200da0
-
SSDEEP
49152:cYHrKLMvGChY1q1B9KUl9aHAZVx1qoiWqvrICkWmISsTi/uXuQgumBnnt9ePQhaj:lLRGHYB7l9FqbvUVdsTnXGnnt98Q0Gzc
Static task
static1
Behavioral task
behavioral1
Sample
01-HTML-files-13-examples/May_119275.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
01-HTML-files-13-examples/May_234892.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
01-HTML-files-13-examples/May_299872.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral4
Sample
01-HTML-files-13-examples/May_328152.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
01-HTML-files-13-examples/May_436171.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral6
Sample
01-HTML-files-13-examples/May_446619.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
01-HTML-files-13-examples/May_447386.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral8
Sample
01-HTML-files-13-examples/May_554063.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
01-HTML-files-13-examples/May_583479.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral10
Sample
01-HTML-files-13-examples/May_654380.html
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
01-HTML-files-13-examples/May_673434.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral12
Sample
01-HTML-files-13-examples/May_765966.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
01-HTML-files-13-examples/May_787116.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral14
Sample
02-downloaded-HTA-file/ok.hta
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
03-malware-and-artifacts-from-an-infected-host/C__ProgramData_febabbh/Autoit3.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral16
Sample
03-malware-and-artifacts-from-an-infected-host/C__nkll/Autoit3.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
Autoit3.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral18
Sample
03-malware-and-artifacts-from-an-infected-host/StartMenu_Startup_Folder_Shortcut_CecBBhF.lnk
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
2024-05-14-IOCs-for-DarkGate-activity.ps1
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
01-HTML-files-13-examples/May_119275.html
-
Size
61KB
-
MD5
2b9647e5c3057dfa684326fa9c484a16
-
SHA1
ec38a04f0040c80fe4a29adc0adb4ac78dc3e844
-
SHA256
b8229d8cc26b1622815a3d3537ab3c6a4a1ec24888953eda0d69cd602f05c272
-
SHA512
c1d5a1122e189db3e36ffd3f56584098e4f41e42542a64cd0bcede40b9dc996f38ec2c5b1a877e89cd83b2c6affc961e96cf7c3c82f185b29dbf5d67064440f2
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AaH5dyM:Uzxu6xdK2F//B04m/AaH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_234892.html
-
Size
61KB
-
MD5
f6edba2fed2aee71bb5c9359343dae7c
-
SHA1
e0ea388c24115ec17636d895b0d95691f7c5be35
-
SHA256
3fe42a4a39f3d0136df91b1d1b2959229cbe0e3cf2f4106e007b3f4f5548e80a
-
SHA512
3ad255c445e1b00b799b1b2b6e6baf70a6dc8e73709b79d6e2f1a1339eb726682881fb3af7b03a658d497d759e6a6c0b9420de3eb0165ebc95c66991e9ef9d76
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AmH5dyM:Uzxu6xdK2F//B04m/AmH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_299872.html
-
Size
61KB
-
MD5
ee09ae144c8ed2e18acf84e5a00bf657
-
SHA1
b28023918046db2d587281f63ea1ab2fde7a36d1
-
SHA256
224d0143a56436022401792f17fb3794684c4f5f8041dd650de1d3fb8494fbfd
-
SHA512
9c2ef433afbb7d603ffd95e561b4214514b793c24ff9986278ad4cee5e2f5a2c660814e38588a24748d35940727baf5b964693a59aefc3f82ce08ae2b850fb14
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AlH5dyM:Uzxu6xdK2F//B04m/AlH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_328152.html
-
Size
61KB
-
MD5
2876570bfe29414cdbde42892f090659
-
SHA1
9385e99f7c661bbd268960e921245c4a0c354e00
-
SHA256
7d89719f670760b2947490c40649128ccaf5fbc07368cfb2763ca3998c6cd9f9
-
SHA512
d7bed410f67dcb4294b5ceda59e441daec46e5925dea456bcb7a41a21f021e775a964e68e54f530dbb2aee312cc78b6c295601ad94adbbf21f203e9d81efe648
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/A9H5dyM:Uzxu6xdK2F//B04m/A9H3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_436171.html
-
Size
61KB
-
MD5
18f17f508a5daf91aed0ed966c029dc2
-
SHA1
1f8f6b379fa318467a8986b8fada4d1443a5e115
-
SHA256
0f1c3f1142a2d8fa1e38325830f53ed18a9a2110f6f390f0c514f379cda6d752
-
SHA512
64f6e92205514533005df479686244ec1ee473b38757a42480abf299a269e426d260fba749f3bf4f1dd18a72555327a4ffe887bbdf9ba63537033176346e303b
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AZH5dyM:Uzxu6xdK2F//B04m/AZH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_446619.html
-
Size
61KB
-
MD5
3ae80a16ef94efec40c411ae13786d6d
-
SHA1
d6f48b8a5b905ad9e55a59e3d5215a2bd558f862
-
SHA256
638c9af9e73f0ba1f92022c5eb0f2b42a7f15471d18678c91690d291b5ca68f9
-
SHA512
bdaa3a1c6ce8aed1957da1b1950878e900bb8a58775ba3159e3f467c553990d7eb79fb069f9dde319be51b695f898553faf7f0eb3eef323c70e54d4b19519419
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/ApH5dyM:Uzxu6xdK2F//B04m/ApH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_447386.html
-
Size
61KB
-
MD5
f52d23bb326cb7f5dbf35908d4eea9da
-
SHA1
26192b2b4f27d546c6f1ba04d2f2e1dc3ee02ae7
-
SHA256
0f48436d98086390b6ddefd7ad9974947224400d419f6d9373e29ca47e8e8357
-
SHA512
7958ca8b953cd9760c5cbd52b23df8a7165f5d52d51df63fc23445840e67c372d10a2b8e6cc64101d6dbf3edf9a53f59d2a2548e8f09b5dbeabaabd49355e41a
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/A8H5dyM:Uzxu6xdK2F//B04m/A8H3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_554063.html
-
Size
61KB
-
MD5
4b7798f65799eca7a80cf10b9d5df77b
-
SHA1
a94a1b8f290616c879912331324735515bf01f82
-
SHA256
01037b2cc999d1d16c1ebcc90d35c3b6f61c543f78d03e495dd924d50db818b0
-
SHA512
db9f2c4fca5bc165b3934ebebcb671f5e8b072fca3cbcafee9f64da851f166bff73ea7492bf839466dd4ded8077583787be8fa6ae08522775ddbd5d4229bda32
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AzH5dyM:Uzxu6xdK2F//B04m/AzH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_583479.html
-
Size
61KB
-
MD5
62a102ed05018fdfe266452f68fca782
-
SHA1
37a64a6549ae601803873b4a0543129fba075c88
-
SHA256
107994ddca0ed2b774041c076b699df4f34d2fbdca11539404571cb133d41554
-
SHA512
d235c6d105e4ff8f9743668224d9e13ddde6895c3d143ac6cb3eb1485bb3f3ce8409c8a4ff1c9186397dbb156f56104046f8c8b4bcea228b33e71e848f28512d
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AgH5dyM:Uzxu6xdK2F//B04m/AgH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_654380.html
-
Size
61KB
-
MD5
e0324c51ad89c8d548b0fadcd5433eb3
-
SHA1
2ea3be2cca7e35dd26fa6c35bbe4052ec5d6a9c3
-
SHA256
e8dcc385584b5859ef5674bf26a986957a6eaeab87389fad2c9bcca9ca900456
-
SHA512
142df604bb855fe0172a43bf07ce70e3fc7e8269d021cc9a2143b6a72e84194a10930fcc496cb8ab40119d64859466581acce03a66fec14e72de3ddb45411615
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AxH5dyM:Uzxu6xdK2F//B04m/AxH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_673434.html
-
Size
61KB
-
MD5
ae96ed9e0e5217dc6219fd2e0c7fb526
-
SHA1
08081b9cd39ed40f8051a1b8eed2b90d5be4b707
-
SHA256
28c3ecfb7bf397fb6713ca739162b676f57b58fc10a62003e1bc2d9f364e4cfc
-
SHA512
8d142a2996a9304cdcda417ee84b367ea0314293e1fbef07a302b003328f4620520965caccb164fbcc2170fa000e486ca13cb2214c7ad47b01fabdba5197acd2
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/A9H5dyM:Uzxu6xdK2F//B04m/A9H3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_765966.html
-
Size
61KB
-
MD5
1996b7d89e35d08c27f3e5ad9e0d2580
-
SHA1
200e19b0fa27f58db8af15967c8ad24e86d16236
-
SHA256
232b5aee821e426540ee151fe260fe4fb05b6bff1d3d4de6c65b8de22b1c13fd
-
SHA512
1b70750baa81b4bc3cebfad68c81fe1783e7dd2ebc0443fd25ea38f7df957a8255d015fbfdedd6f605a49ca5adf8cd4772e8e2f057aff3917aea3a8363a16a9c
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/AoH5dyM:Uzxu6xdK2F//B04m/AoH3yM
Score
1/10
-
-
Target
01-HTML-files-13-examples/May_787116.html
-
Size
61KB
-
MD5
deb59791141437efdf0ed373a5b13102
-
SHA1
8c06b9d9c732fe4aefe37f65dd20e56322385349
-
SHA256
b83ce1fb93f6e9f4d52deb736d1362e645a6e5a8f8371ee77a21228140f541b0
-
SHA512
46d947126db3070f4ae2297bbfbe96bc896018f0c1da39d909dc0853e36c90570c65c654bb4f6597cdc5d412e5d5bcc95508b503c16a1e9b0c83ac467c3d733e
-
SSDEEP
1536:UzxuJKxK7kdK2FlBNt0kLENLOZ3m/ANH5dyM:Uzxu6xdK2F//B04m/ANH3yM
Score
1/10
-
-
Target
02-downloaded-HTA-file/ok.hta
-
Size
2KB
-
MD5
a77becccca5571c00ebc9e516fd96ce8
-
SHA1
d8fb7d7985860e813d33927aa95f7ac54ff400b6
-
SHA256
5c204217d48f2565990dfdf2269c26113bd14c204484d8f466fb873312da80cf
-
SHA512
03d14473a27a83d56d80a489413fc3e1f543a4478f5e77ec120142cd1f4ebbe76d7d1c2d0edcdb214ec3c28cfb2bd7ce157d80abf4c727cbda729bfde8627149
Score
7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
03-malware-and-artifacts-from-an-infected-host/C__ProgramData_febabbh/Autoit3.exe
-
Size
872KB
-
MD5
c56b5f0201a3b3de53e561fe76912bfd
-
SHA1
2a4062e10a5de813f5688221dbeb3f3ff33eb417
-
SHA256
237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
-
SHA512
195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
-
SSDEEP
12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score
3/10
-
-
Target
03-malware-and-artifacts-from-an-infected-host/C__nkll/Autoit3.exe
-
Size
872KB
-
MD5
c56b5f0201a3b3de53e561fe76912bfd
-
SHA1
2a4062e10a5de813f5688221dbeb3f3ff33eb417
-
SHA256
237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
-
SHA512
195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
-
SSDEEP
12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score
3/10
-
-
Target
Autoit3.exe
-
Size
872KB
-
MD5
c56b5f0201a3b3de53e561fe76912bfd
-
SHA1
2a4062e10a5de813f5688221dbeb3f3ff33eb417
-
SHA256
237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
-
SHA512
195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
-
SSDEEP
12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score
3/10
-
-
Target
03-malware-and-artifacts-from-an-infected-host/StartMenu_Startup_Folder_Shortcut_CecBBhF.lnk.bin
-
Size
889B
-
MD5
da6fd9211c4b5d81b0b84b5d7fb6c02b
-
SHA1
84c0d64ad54ba8e9af8c9221e35045ec058e4755
-
SHA256
2de65b27eaedd55135325264985725e56e9666ec08b858da9762a422eec0af40
-
SHA512
953f0f4d0ddf293c58aa90fb242fbda37809e272923aa13fc373379e4b9a4a429558d3e9a73c1be231bbc6911f75e60d09cc8b83e91b43a2be7ee8d1515d672a
Score
3/10
-
-
Target
2024-05-14-IOCs-for-DarkGate-activity.txt
-
Size
12KB
-
MD5
ae709682aa029b3fb204f338e74e7aac
-
SHA1
f5823c24fb19463f1b654667972f534ee2c61b1a
-
SHA256
a35b878f5982170352048d84165e41d8b3803a19ac82e0d608fdf5480635de11
-
SHA512
0adfbfd0f4128c0922f3bab43e4a1c431ee9c6661752f1faa40e70a210db303ca68f340ea5b736968ab3ad4d8b433ec847be5bf315d190d1e1aa9906c0407cc3
-
SSDEEP
384:230sYWgr15NN7001122fooppaaDD844vvqq5EELLGGFggXXNNuuzsshhS33AAllM:a0bu
Score
3/10