dcrat | 675d500266a8a61ed4ddb26a9bd442f4f25f3c21190a190709d2d2c26825e96d | Triage

Submit
Reports

Overview

overview

Static

static

Midnite.exe

windows10-1703-x64

Sharing

General

Target

Midnite.exe
Size

1.3MB
Sample

230117-zwc1qsfh84
MD5

ce12be878d15f0babc5e2ccdec0ec473
SHA1

74c770c0c9c7faae5d391f96bde8f1baf3080c6d
SHA256

675d500266a8a61ed4ddb26a9bd442f4f25f3c21190a190709d2d2c26825e96d
SHA512

ae5d83bd75c1ee080a7461c36e28b1d6981231ace095519c94060689d8b0994a2c3aa16d0df2f7697f6d1f7f94b42bdf03e3179fec7ea2b051b20b4b13cef3bd
SSDEEP

24576:5gfTztXIwQkLAvEONLP3c7RgGOxPC/v42qlb:GNXIwQkezs7RC4I2Sb

Score

10^/10

dcrat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

Midnite.exe

Resource

win10-20220901-en

dcrat infostealer rat

windows10-1703-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  Midnite.exe
- Size
  
  1.3MB
- MD5
  
  ce12be878d15f0babc5e2ccdec0ec473
- SHA1
  
  74c770c0c9c7faae5d391f96bde8f1baf3080c6d
- SHA256
  
  675d500266a8a61ed4ddb26a9bd442f4f25f3c21190a190709d2d2c26825e96d
- SHA512
  
  ae5d83bd75c1ee080a7461c36e28b1d6981231ace095519c94060689d8b0994a2c3aa16d0df2f7697f6d1f7f94b42bdf03e3179fec7ea2b051b20b4b13cef3bd
- SSDEEP
  
  24576:5gfTztXIwQkLAvEONLP3c7RgGOxPC/v42qlb:GNXIwQkezs7RC4I2Sb
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratinfostealerrat

© 2018-2024

Terms | Privacy