PULSE NAME
MALICIOUS ACTIVITY | Related to DarkGate 13-06-2024
WHITE esoporteingenieria2020 2024-06-13 Modified: 2024-06-13
69 IOCs
HIGH VOLUME
DarkGate is a versatile malware tool that has been active since at least 2018, with its most recent variant emerging in July 2023. Older versions spread mainly through spam email and torrent sites, focusing on Spanish-speaking users in Europe. The latest iteration of DarkGate has been observed using malvertising, search engine poisoning, and spam campaigns. DarkGate implements several anti-detection and anti-analysis mechanisms, such as obfuscation, anti-VM capabilities (detecting when it is running in a virtual machine), and exclusion from Microsoft Defender Antivirus detection. This malware hides from view in Windows Task Manager and remains invisible at startup, even to advanced tools.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
DarkGate - S1111
Indicators of Compromise (23 / 69 total)