General

  • Target

    2712-28-0x0000000002F30000-0x00000000032B8000-memory.dmp

  • Size

    3.5MB

  • Sample

    240806-2bjznawfka

  • MD5

    53a9114029a8c95df58a1dd2ec5cb98b

  • SHA1

    3c475d0603e802fd5c642276db0d123233e8b042

  • SHA256

    4f431f0cfc0e3f3fbbd85fa9a5aadb5b94c1429aad2bae4ee50bf9ff50c59b37

  • SHA512

    12d41d8b2c7111a8fb95bb3756f31e14ff671b0a8d51d52f181df9deaa7580fe8198f61fe59919fc0198cdcbe0441617f35e66d4a9dfdab746d4c43272626f62

  • SSDEEP

    6144:1orJs4n+lPcNxkbWjlxptLoPnNTlWDNBf8QQoaW939erzWJgwYcMwGQTH:yrJs4n++xk8LtLoPnNTsfl59aOgw

Score
10/10

Malware Config

Extracted

Family

darkgate

Botnet

Gh0st

C2

filetmoon.site

Attributes
  • anti_analysis

    true

  • anti_debug

    false

  • anti_vm

    true

  • c2_port

    80

  • check_disk

    false

  • check_ram

    false

  • check_xeon

    false

  • crypter_au3

    false

  • crypter_dll

    false

  • crypter_raw_stub

    false

  • internal_mutex

    KaVpLvWD

  • minimum_disk

    100

  • minimum_ram

    4096

  • ping_interval

    6

  • rootkit

    false

  • startup_persistence

    true

  • username

    Gh0st
