Malware
DarkGate
aka Meh · MehCrypter
First documented in 2018, DarkGate is a commodity loader with features that include the ability to download and execute files to memory, a Hidden Virtual Network Computing (HVNC) module, keylogging, i
DarkGate, also known as Meh, MehCrypter, is a Windows malware family.
Background
First reported in 2018, DarkGate is a commodity loader whose capabilities include downloading and executing files directly in memory, a Hidden Virtual Network Computing (HVNC) module, keylogging, information theft, and privilege escalation. It abuses legitimate AutoIt binaries and generally runs several AutoIt scripts during operation. Since May 2023, newer DarkGate builds have been marketed on a Russian-language eCrime forum.
Source: Malpedia (Fraunhofer FKIE).