darkgate | 933fbda1ca7c4a52adbb48d038c8ba5ed5ee411d1096b2222ca383ca6d96a6bc | Triage

Resubmissions

25-08-2024 09:52

240825-lwb7jsxgmh 10

22-08-2024 07:27

240822-h98wwsvdrh 10

22-08-2024 07:21

240822-h651tsxhrk 10

21-08-2024 20:21

240821-y44b8aydje 10

Sharing

General

Target

933fbda1ca7c4a52adbb48d038c8ba5ed5ee411d1096b2222ca383ca6d96a6bc.zip
Size

2.0MB
Sample

240822-h651tsxhrk
MD5

ab3c640841540414d0583e744693da75
SHA1

8156b216fd7059dbd1046b943ade1b0a6a64de1b
SHA256

933fbda1ca7c4a52adbb48d038c8ba5ed5ee411d1096b2222ca383ca6d96a6bc
SHA512

7b52ac1858e1ddf3a8908169b935c428ad3a37ee12f0b61130d9eb1c08841b84b8c3820804a31f00de152030b4242b5020ca17ddcdd48c47b14a4d05f525e8f8
SSDEEP

49152:yTZOriGAFEogB1WLgelipZlroMB6n1FI1VVkeXeKZZD:eOri6JULdiFExXuDXl9

Score

10^/10

darkgate android

Malware Config

Extracted

Family

darkgate

Version

C2

http://sanibroadbandcommunicton.duckdns.org

Attributes

anti_analysis
false
anti_debug
false
anti_vm
false
c2_port
5864
check_disk
false
check_ram
false
check_xeon
false
crypter_au3
false
crypter_dll
false
crypter_raw_stub
true
crypto_key
LAbQdWWsbybjAY
internal_mutex
bbcAde
minimum_disk
100
minimum_ram
4096
ping_interval
10
rootkit
false
startup_persistence
false

Targets

- Target
  
  apk/cyberRat/Port 7262 sample build/Google News.apk
- Size
  
  292KB
- MD5
  
  9dc59c231c11656c36181890e3699bec
- SHA1
  
  9c4cde8c2413fe82edf3f820a68baba75a60deaa
- SHA256
  
  e954167775d56cd819a15df364b572e83dd0096100ac1ceb27227d3cbbd7d8cc
- SHA512
  
  580c1a0b921df0df11f8f847427d501a3986b4c3952283c3a2bd01ef5741c4eb5940eef2c62153498eefe3b3bbb8f316f4489aea594cec6b68c64f1cb91a661f
- SSDEEP
  
  6144:DTCiuxS+i3eb4j+wNvmCGfZFxADyd6RwV5U1Sgi6WrjykWK2BGi3xapWQ:PnusT3cgtN0FeS6Rq21SgH8tWDBaQQ
Score

1^/10
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1