dcrat | 93a60ce0831fc48f44709f66b3d7489c6305b56588ef03ac329eef380b843204 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

93a60ce0831fc48f44709f66b3d7489c6305b56588ef03ac329eef380b843204
Size

1.3MB
Sample

221102-fdhnqahdc4
MD5

9b90f5f2c59d8b777f0426cb7ee5237a
SHA1

6c118a231abcc754f23b6ea95e9e3f97d080d745
SHA256

93a60ce0831fc48f44709f66b3d7489c6305b56588ef03ac329eef380b843204
SHA512

e7ee0ed90f7d72e2740a457dfc8de4c8338d3bdd27df247620169b92780d1ded2d1e03eca0009fa1da4fd191dae3d4e986aa980461d9b65634d6306124e9762c
SSDEEP

24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

Score

10^/10

dcrat infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

93a60ce0831fc48f44709f66b3d7489c6305b56588ef03ac329eef380b843204.exe

Resource

win10-20220901-en

dcrat infostealer rat

windows10-1703-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  93a60ce0831fc48f44709f66b3d7489c6305b56588ef03ac329eef380b843204
- Size
  
  1.3MB
- MD5
  
  9b90f5f2c59d8b777f0426cb7ee5237a
- SHA1
  
  6c118a231abcc754f23b6ea95e9e3f97d080d745
- SHA256
  
  93a60ce0831fc48f44709f66b3d7489c6305b56588ef03ac329eef380b843204
- SHA512
  
  e7ee0ed90f7d72e2740a457dfc8de4c8338d3bdd27df247620169b92780d1ded2d1e03eca0009fa1da4fd191dae3d4e986aa980461d9b65634d6306124e9762c
- SSDEEP
  
  24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

dcratinfostealerrat

© 2018-2024

Terms | Privacy