General
-
Target
2025-05-21_e8b22f223164052ad9561d18cc72f1df_darkgate_elex_icedid_poet-rat_zxxz
-
Size
35.5MB
-
Sample
250521-3qkp6svnx6
-
MD5
e8b22f223164052ad9561d18cc72f1df
-
SHA1
12b8a7672b63f271daf58bf489965e87c09edd5e
-
SHA256
236ce8c99c07a34dd1d3601f86ccf4ec8b5ea43dcc271e8fe6ead1ccd60afc7d
-
SHA512
aa9b5a00b4e909091ee1d59211d5a3a674e1a6c973d33f7d14cb153896a9bf0c30ac373832f31a6f9cce244f36353c9f859c032520bf0683a5fd1670c1d12d9c
-
SSDEEP
196608:DF8X42V5hhv5V57+btH5KUxamErRyhdGJgaMkG8K1HBRM4kqptasktkvzAgb09n:Xc5htX5atH5imEoJhN1HG/wzAu
Behavioral task
behavioral1
Sample
2025-05-21_e8b22f223164052ad9561d18cc72f1df_darkgate_elex_icedid_poet-rat_zxxz.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
2025-05-21_e8b22f223164052ad9561d18cc72f1df_darkgate_elex_icedid_poet-rat_zxxz.exe
Resource
win11-20250502-en
Malware Config
Extracted
aresloader
http://110.42.59.123:8089
http://127.0.0.1:8888
http://127.0.0.1:8080
http://192.168.31.111
Targets
-
Aresloader family
-
Modifies Windows Firewall
-