Solved

Webroot method to protect from DarkGate malware

  • 24 November 2018
  • 2 replies
  • 58 views

Userlevel 7
Badge +37
Hi,
 
DarkGate malware is VBScript malware.
 
SAMPLE HASHES 

 
Could you please describe Webroot's method to protect from DarkGate malware and VBScript malware?
 
Thank you
Regards,
Amir
 

Best answer by DanP 26 November 2018, 17:27


2 replies

Userlevel 7
Will most likely be specifically handled as and when the new Script Shield is released (hopefully shortly), but in the interim I believe that it is the behavioural filters, which are part of the Monitoring that occurs when the 'Good or Bad' determination is inconclusive, that trap any malicious behaviour that a script may exhibit.
 
Userlevel 7
Badge +35
@ wrote:
Hi,
 
DarkGate malware is VBScript malware.
 
SAMPLE HASHES 

 
Could you please describe Webroot's method to protect from DarkGate malware and VBScript malware?
 
Thank you
Regards,
Amir
 
I've passed this along to the Script Shield team, and detection will be added if it is not already present, so it will be detected once Script Shield is live. 
 
If you're torrenting files with a .vbe extension, you're gonna have problems... 
 
 
-Dan
 
