darkgate | 05dead214ed2878ef504aff96695acbb236159b3cafdd8089c0f9be6df4ad930 | Triage

Sharing

General

Target

05dead214ed2878ef504aff96695acbb236159b3cafdd8089c0f9be6df4ad930
Size

2.7MB
Sample

241017-svv2lawdrk
MD5

9546ed5d05d71230c263cc04b5928a70
SHA1

97b7ecc548f48e7e44e3b1c5756162b58041a2c7
SHA256

05dead214ed2878ef504aff96695acbb236159b3cafdd8089c0f9be6df4ad930
SHA512

c03876f6ba19f5551f1b07ac222288923c4d1c13992e9b769e3aff3ab90571fa984cb9b72542e8590ffe27726025b57fb6e9e2bce3803b6b503e5bb3f2600f48
SSDEEP

49152:XwREDDMrlpa3z7OTThVzX5qg5xw4z0g3QE5/ERbdHeMxWrP+beY7UY714:XwRE8lpa3zaTThdX5qg5xDzJQxJdMwZY

Score

10^/10

darkgate silhouettes1 discovery stealer

Malware Config

Extracted

Family

darkgate

Botnet

Silhouettes1

C2

nuxdom.lat

Attributes

anti_analysis
true
anti_debug
false
anti_vm
true
c2_port
6280
check_disk
false
check_ram
false
check_xeon
false
crypter_au3
false
crypter_dll
false
crypter_raw_stub
false
internal_mutex
fzYjHvpH
minimum_disk
100
minimum_ram
4096
ping_interval
6
rootkit
false
startup_persistence
true
username
Silhouettes1

Targets

- Target
  
  05dead214ed2878ef504aff96695acbb236159b3cafdd8089c0f9be6df4ad930
- Size
  
  2.7MB
- MD5
  
  9546ed5d05d71230c263cc04b5928a70
- SHA1
  
  97b7ecc548f48e7e44e3b1c5756162b58041a2c7
- SHA256
  
  05dead214ed2878ef504aff96695acbb236159b3cafdd8089c0f9be6df4ad930
- SHA512
  
  c03876f6ba19f5551f1b07ac222288923c4d1c13992e9b769e3aff3ab90571fa984cb9b72542e8590ffe27726025b57fb6e9e2bce3803b6b503e5bb3f2600f48
- SSDEEP
  
  49152:XwREDDMrlpa3z7OTThVzX5qg5xw4z0g3QE5/ERbdHeMxWrP+beY7UY714:XwRE8lpa3zaTThdX5qg5xDzJQxJdMwZY
Score

10^/10

discovery darkgate silhouettes1 stealer
- DarkGate
  DarkGate is an infostealer written in C++.
  stealer darkgate
- Detect DarkGate stealer
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

darkgatesilhouettes1discoverystealer