Overview

overview

10

Static

static

8

networkservice.exe

windows7_x64

10

networkservice.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    networkservice.exe

  • Size

    2.1MB

  • Sample

    210507-g73sd28h3e

  • MD5

    a99dfc43d7df4654d64accaa28a4f7ec

  • SHA1

    363a54b9b717f3fb62089f0f2424a1483add0520

  • SHA256

    f83ff41855709553f7f425aebd23420d3b2dd5e1e04cc7c619ba77920137ded4

  • SHA512

    445f1de440686fd2a1cde60cf5d359a8452fdafa003650c3e0d98a6ebd2d4eb5c9d53aa8ab64742afd1bd94023f1ce9774f4ce42836d75e2aca82d0b4f4c970e

Score
10/10
dcratinfostealerratupx

Malware Config

Targets

    • Target

      networkservice.exe

    • Size

      2.1MB

    • MD5

      a99dfc43d7df4654d64accaa28a4f7ec

    • SHA1

      363a54b9b717f3fb62089f0f2424a1483add0520

    • SHA256

      f83ff41855709553f7f425aebd23420d3b2dd5e1e04cc7c619ba77920137ded4

    • SHA512

      445f1de440686fd2a1cde60cf5d359a8452fdafa003650c3e0d98a6ebd2d4eb5c9d53aa8ab64742afd1bd94023f1ce9774f4ce42836d75e2aca82d0b4f4c970e

    Score
    10/10
    dcratinfostealerrat

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

      ratinfostealerdcrat
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks