dcrat | fcc15aae2b7a7846ce4e88062bed5f03f042f9578e4dd0f20da677b2f6f37d43 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

fcc15aae2b7a7846ce4e88062bed5f03f042f9578e4dd0f20da677b2f6f37d43
Size

1.3MB
Sample

221101-wr98wsehdq
MD5

57bd7653d075cb62c39362830308a4a3
SHA1

8db3535113a574086d5a6fd43ec04eeac8c21acf
SHA256

fcc15aae2b7a7846ce4e88062bed5f03f042f9578e4dd0f20da677b2f6f37d43
SHA512

678045e0108687b1d4710307d08068c1bab0ef87f5420a8e4efe6b2911cdf2a10624f30c64333ec6a33cb309c5fbb6fc521d90954ec645855a5a973a5ae4a748
SSDEEP

24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

Score

10^/10

dcrat infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fcc15aae2b7a7846ce4e88062bed5f03f042f9578e4dd0f20da677b2f6f37d43.exe

Resource

win10-20220812-en

dcrat infostealer rat

windows10-1703-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  fcc15aae2b7a7846ce4e88062bed5f03f042f9578e4dd0f20da677b2f6f37d43
- Size
  
  1.3MB
- MD5
  
  57bd7653d075cb62c39362830308a4a3
- SHA1
  
  8db3535113a574086d5a6fd43ec04eeac8c21acf
- SHA256
  
  fcc15aae2b7a7846ce4e88062bed5f03f042f9578e4dd0f20da677b2f6f37d43
- SHA512
  
  678045e0108687b1d4710307d08068c1bab0ef87f5420a8e4efe6b2911cdf2a10624f30c64333ec6a33cb309c5fbb6fc521d90954ec645855a5a973a5ae4a748
- SSDEEP
  
  24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

dcratinfostealerrat

© 2018-2024

Terms | Privacy