DarkGate - Duplicate (39d81c48-8f7c-54cb-8fac-485598e31a55)
DarkGate first emerged in 2018 and has evolved into an initial access and data gathering tool associated with various criminal cyber operations. Written in Delphi and named "DarkGate" by its author, DarkGate is associated with credential theft, cryptomining, cryptotheft, and pre-ransomware actions.[Ensilo Darkgate 2018] DarkGate use increased significantly starting in 2022 and is under active development by its author, who provides it as a Malware-as-a-Service offering.[Trellix Darkgate 2023]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| TA577 (28f3dbcc-b248-442f-9ff3-234210bb2f2a) | Tidal Groups | DarkGate - Duplicate (39d81c48-8f7c-54cb-8fac-485598e31a55) | Tidal Software | 1 |