General
-
Target
b2d33941295f236bebee0d3c389a8549.bin
-
Size
2.1MB
-
Sample
240613-ck88ga1bjc
-
MD5
b5ea75722aee3da1885bf52de6ca982d
-
SHA1
b2a06a1960e14e2b4ee420d285bdf40f5c087408
-
SHA256
5434dabf87c87088918c1808f6c37149b47fc8b39f368a625a44fd9ee3cca16c
-
SHA512
6156ff3bbd0cf2a86a9b318eddae458c67469bb464553af806c261f59b4dd4f79a2c5a5fc41e0f0f58110d9944f5ab65bb4d666be74a547c9517bcc59c302a36
-
SSDEEP
49152:L13kwdsg/ePoDYv55e1YMhUE5/+bhAnwpk0ngGPMhRIUEZjkHLJT:L13kQdYP+hhUnG30gYyRuJkrJT
Static task
static1
Behavioral task
behavioral1
Sample
cfa0a176bad0046bd498a5a7f5140ca92734b096c541a54acd1b002f228ec47c.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
cfa0a176bad0046bd498a5a7f5140ca92734b096c541a54acd1b002f228ec47c.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
Family
darkgate
-
Username
x6x6x7x77xx6x6x67
-
C2
dr-networks.com
-
anti_analysis
true
-
anti_debug
false
-
anti_vm
true
-
c2_port
80
-
check_disk
false
-
check_ram
false
-
check_xeon
false
-
crypter_au3
false
-
crypter_dll
false
-
crypter_raw_stub
false
-
internal_mutex
rbQZFzKA
-
minimum_disk
100
-
minimum_ram
4096
-
ping_interval
6
-
rootkit
false
-
startup_persistence
true
-
username
x6x6x7x77xx6x6x67
Targets
-
-
Target
cfa0a176bad0046bd498a5a7f5140ca92734b096c541a54acd1b002f228ec47c.exe
-
Size
3.8MB
-
MD5
b2d33941295f236bebee0d3c389a8549
-
SHA1
76bfc480242219d14cfbbb8dd7628c3c9bde7f7d
-
SHA256
cfa0a176bad0046bd498a5a7f5140ca92734b096c541a54acd1b002f228ec47c
-
SHA512
c7a8a877a93590876221c9bf0c21e04b78a8a8af415c1a70c776744702d3442aa9ffab2d480cc5d6f78a444d74ed3b6eac0407f6b571ddd02e63058d5386aae4
-
SSDEEP
24576:VUFFAjGxqL+VD3crlj8XR2GN19yK9fbxjSXIQ8j0b4qsfQ9Mrm94+CJWMD/NXChu:NKUo3klIXhNryuI2j0sVf9
Score
10/10
-
Detect DarkGate stealer
-
Executes dropped EXE
-
Loads dropped DLL
-