General
-
Target
1272-13-0x0000000003240000-0x00000000035C8000-memory.dmp
-
Size
3.5MB
-
Sample
240827-wlhxfstcjb
-
MD5
6e60a019b9e96cce17ffbeffb16c7d8a
-
SHA1
b0dd589d9257bdee6cc9ddfab4dff42475efa74e
-
SHA256
802cf8b7b5a8cd4566fed30a775e5e39cd44fd0844b02187e22ef408e97a40a1
-
SHA512
9dcdd886c783e9a12c4413799b6ed14783184c6d626e68d8ec32e953c53dc260145065a3e6e1c9c60775bfe8be1f2fa6450d96205e51d5ce2abf387cc9d77327
-
SSDEEP
6144:tk1Ac2x7kDpDSbJ9OP1fAU8N4o3aDCvBKDoaDPr5ra9Hvr/zGQB:+Sc2GDS14tXg4EarNsvr/
Score
10/10
Malware Config
Extracted from the memory dump listed under Target
Family
darkgate
Botnet
x6x6x7x77xx6x6x67
C2
dr-networks.com
Attributes
-
anti_analysis
true
-
anti_debug
false
-
anti_vm
true
-
c2_port
80
-
check_disk
false
-
check_ram
false
-
check_xeon
false
-
crypter_au3
false
-
crypter_dll
false
-
crypter_raw_stub
false
-
internal_mutex
rbQZFzKA
-
minimum_disk (check_disk is false in this config)
100
-
minimum_ram (check_ram is false in this config)
4096
-
ping_interval
6
-
rootkit
false
-
startup_persistence
true
-
username
x6x6x7x77xx6x6x67