Extracted

• • Target

    e8c70c3b0269eb6e4b334ef585b06483ad39a94a516aec5cd545a660a77e9442

  • Size

    1.6MB

  • MD5

    3e5cd6018e40bfb258087139f7922df9

  • SHA1

    ff35037678de79098d6bf4c87906901c46610794

  • SHA256

    e8c70c3b0269eb6e4b334ef585b06483ad39a94a516aec5cd545a660a77e9442

  • SHA512

    eceba3d0e73ea5f7c45bd991b81451f4df7e60022b9015bc54b7f9f144eefd01fd54ed8416c00ac094307b0dddbe1a2478a1eca7cc5d0065961aa46fe19729d4

  • SSDEEP

    24576:7hxsaMc8YafE7Mtp52N8D3OE6zqj5yC8wwuczso7SlKDTGfLLpldpAysZowdkO:tLM3Y6tmfJzKEmY3TGfLLpKyfwdk

  Score

  10^/10

  darkgatesilhouettes1discoveryexecutionstealer

  • DarkGate

    DarkGate is an infostealer written in C++.

    stealerdarkgate

  • Detect DarkGate stealer

  • Executes dropped EXE

  • Loads dropped DLL

  • Command and Scripting Interpreter: AutoIT

    Using AutoIT for possible automate script.

    execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2