dcrat | 29b84cbec0c92620955afd16358fb786df50fdc6dc024399cc9d2f5d8f40f38a | Triage

Submit
Reports

Overview

overview

Static

static

LoaderB.exe

windows7-x64

LoaderB.exe

windows10-2004-x64

Sharing

General

Target

LoaderB.exe
Size

1.1MB
Sample

230121-xqb55sfc41
MD5

97fd39727f09d456c6e6e8a3fb9b4028
SHA1

f27399f10573bb39ebc472b7fdfa649e48494dfd
SHA256

29b84cbec0c92620955afd16358fb786df50fdc6dc024399cc9d2f5d8f40f38a
SHA512

275a115ce4bb2662658a6d6ad77a3a83005d66d9d773726581ead4f38bf45b9e6c5d98501cfc0ec3c2623b04635856ca303ee89c7ec114ab01268741928f9a46
SSDEEP

24576:qGlFYoq77FED1/LTeXGVFkz/EaQON6uZvRbXiPoUg:HFf+6DNiwaT08XiPoUg

Score

10^/10

dcrat infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

LoaderB.exe

Resource

win7-20221111-en

dcrat infostealer rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

LoaderB.exe

Resource

win10v2004-20221111-en

dcrat infostealer rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  LoaderB.exe
- Size
  
  1.1MB
- MD5
  
  97fd39727f09d456c6e6e8a3fb9b4028
- SHA1
  
  f27399f10573bb39ebc472b7fdfa649e48494dfd
- SHA256
  
  29b84cbec0c92620955afd16358fb786df50fdc6dc024399cc9d2f5d8f40f38a
- SHA512
  
  275a115ce4bb2662658a6d6ad77a3a83005d66d9d773726581ead4f38bf45b9e6c5d98501cfc0ec3c2623b04635856ca303ee89c7ec114ab01268741928f9a46
- SSDEEP
  
  24576:qGlFYoq77FED1/LTeXGVFkz/EaQON6uZvRbXiPoUg:HFf+6DNiwaT08XiPoUg
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dcratinfostealerrat

behavioral2

dcratinfostealerrat

© 2018-2024

Terms | Privacy