dcrat | 82a6bd933afa0250d5140fd994084c76b3e23fe29ad520e3283c2a921c85b3b4 | Triage

Submit
Reports

Overview

overview

Static

static

15dea4b9a3...17.exe

windows7-x64

15dea4b9a3...17.exe

windows10-2004-x64

Sharing

General

Target

052b57ab4e7144f3a63a77e7ecc3576e.bin
Size

3.6MB
Sample

230123-q527jsdd97
MD5

2777a2b22c7d2f7fd559b7c7b247a159
SHA1

0c2fbc2a9beb26a6668b2b065c4aeff1941f22d3
SHA256

82a6bd933afa0250d5140fd994084c76b3e23fe29ad520e3283c2a921c85b3b4
SHA512

b0bd78b62d00afdd96ce0e373cbdbd362727e2854164cbaafeab2f4abe0debb6886a897a4bf1d6dda912d8e44b027b28018d7b0ed98b01a98f3d45081d06adc0
SSDEEP

98304:CMH+WvY+Wp5udNYicMhBO2e3WIw18tRjVUhP0+j0Mr7bz:/Jg+Wfun5QyKtRqhs+j0MrL

Score

10^/10

dcrat infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

15dea4b9a33481b1fda13ff2382af181ef556877a7401d1d3451309b4aef1317.exe

Resource

win7-20220812-en

dcrat infostealer rat

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

15dea4b9a33481b1fda13ff2382af181ef556877a7401d1d3451309b4aef1317.exe

Resource

win10v2004-20220812-en

dcrat infostealer rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  15dea4b9a33481b1fda13ff2382af181ef556877a7401d1d3451309b4aef1317.exe
- Size
  
  4.0MB
- MD5
  
  052b57ab4e7144f3a63a77e7ecc3576e
- SHA1
  
  39a2ecfca50de7ec6a212d9ab80add96d884c6e5
- SHA256
  
  15dea4b9a33481b1fda13ff2382af181ef556877a7401d1d3451309b4aef1317
- SHA512
  
  8cf5bf0a973750ed167f5a6c7d0395d0b0fbcd829e67294d3634f9e5f033587b3d2e75dd63e6e93c134c98f8a6cd435f68b1613df35e8bc03cecda3889430f9c
- SSDEEP
  
  98304:JCeCsdoOk1Qqrx+14KBDYauafqeu3M5qOmCc8:hdnkOq4iYEauaft4gtZ
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dcratinfostealerrat

behavioral2

dcratinfostealerrat

© 2018-2024

Terms | Privacy