General

  • Target: final payload.zip
  • Size: 755KB
  • Sample: 240629-negf2szank
  • MD5: 92a14c578998d0bf8f1192fcf6301b94
  • SHA1: 4c39c8995563c6089ecc9849186f60ec23a52b15
  • SHA256: 281a1f577bf84eb668df449fcaa41956247cfde8e769915058edbcd7066c95f9
  • SHA512: 08caa5fedad698e5958464a718d601e1eefb26aec781cdd2e23b6d598c2e7858afe39141966404e1c2eb07ebcc653485a14eb20cd1d60f1ee6bfd34312170ef4
  • SSDEEP: 12288:YznjIwNwUvEf5X1v6b208odEK4KVHbVQntRgRJc++q02UMXFhokN56xQeU:YDj3Nwp5Fyvd/VJQntRs2+10G35wXU

Score
10/10

Malware Config

Extracted

  • Family: darkgate
  • Botnet: A1111
  • C2: http://wilsoncallert.com

Attributes
  • alternative_c2_port: 8080
  • anti_analysis: true
  • anti_debug: true
  • anti_vm: false
  • c2_port: 2351
  • check_disk: false
  • check_ram: false
  • check_xeon: false
  • crypter_au3: true
  • crypter_dll: false
  • crypter_raw_stub: false
  • crypto_key: nSoLLNAEzUGGah
  • internal_mutex: txtMut
  • minimum_disk: 100
  • minimum_ram: 4096
  • ping_interval: 4
  • rootkit: true
  • startup_persistence: true
  • username: A1111

Targets

    • Target: shellcode.exe
    • Size: 146KB
    • MD5: c3003964fbad244db448b96c95d57319
    • SHA1: 65026bbd3a65263e4da58c26e69c7576fd01d755
    • SHA256: e12c720480be024f98d3a5ebb31445e16373da9bd7933fe4b9fa9ccd940e9c1d
    • SHA512: 7baf0bec4678184940d0a93c990aa6390b6ff379833706d62d51cd087284e1bc34ff047f9332baf7824fc14a0cc00830b9e815d09c9016b8edbb714d1b6a035c
    • SSDEEP: 3072:pBy3MmqwKvAiu6p08+l1nBtHEcq3Wn2D8IX3lqrpyPM:ny3MxwKNmxrn0Wn2D8InlqrpkM

    Score
    10/10
    • DarkGate

      DarkGate is an infostealer written in C++.

    • Detect DarkGate stealer

MITRE ATT&CK Enterprise v15

Tasks