General
-
Target
0d490cbacd8b69f090b69185c61f2cc6c71427b23593af8b605f1c941c50a2c7_NeikiAnalytics.exe
-
Size
2.5MB
-
Sample
240629-3hw38szaka
-
MD5
de583dbc8b325b924ef03913da13ce10
-
SHA1
af6b4510e9cc4daeafa75fbc39f9bc3081bd2da5
-
SHA256
0d490cbacd8b69f090b69185c61f2cc6c71427b23593af8b605f1c941c50a2c7
-
SHA512
ca2cbc801766d0c43f22dc641ef8d4e5d607188e762cf2f4b646abfc535fcdaf8a990df0796fc42f84bef9c32927f9d83c448b563913791464d6f12f938c12ba
-
SSDEEP
49152:XCEP0tV8RAErnNZfkbVuyyTbnBUln4R5aZ:Xv8t8VjNZcYyyXHbaZ
Static task
static1
Behavioral task
behavioral1
Sample
0d490cbacd8b69f090b69185c61f2cc6c71427b23593af8b605f1c941c50a2c7_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0d490cbacd8b69f090b69185c61f2cc6c71427b23593af8b605f1c941c50a2c7_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
Family: darkgate
Botnet: 2newn2newn2new
C2: 91.222.173.185
-
anti_analysis
false
-
anti_debug
false
-
anti_vm
false
-
c2_port
80
-
check_disk
false
-
check_ram
false
-
check_xeon
false
-
crypter_au3
false
-
crypter_dll
false
-
crypter_raw_stub
false
-
internal_mutex
GjssEdpf
-
minimum_disk
100
-
minimum_ram
4096
-
ping_interval
6
-
rootkit
false
-
startup_persistence
true
-
username
2newn2newn2new
Targets
-
-
Target
0d490cbacd8b69f090b69185c61f2cc6c71427b23593af8b605f1c941c50a2c7_NeikiAnalytics.exe
-
Size
2.5MB
-
MD5
de583dbc8b325b924ef03913da13ce10
-
SHA1
af6b4510e9cc4daeafa75fbc39f9bc3081bd2da5
-
SHA256
0d490cbacd8b69f090b69185c61f2cc6c71427b23593af8b605f1c941c50a2c7
-
SHA512
ca2cbc801766d0c43f22dc641ef8d4e5d607188e762cf2f4b646abfc535fcdaf8a990df0796fc42f84bef9c32927f9d83c448b563913791464d6f12f938c12ba
-
SSDEEP
49152:XCEP0tV8RAErnNZfkbVuyyTbnBUln4R5aZ:Xv8t8VjNZcYyyXHbaZ
Score
10/10
-
Detect DarkGate stealer
-
Executes dropped EXE
-
Loads dropped DLL
-