Overview

overview

10

Static

static

9hmhx13dh.exe

windows7-x64

10

9hmhx13dh.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9hmhx13dh.exe

  • Size

    2.3MB

  • Sample

    230129-ty9jtsfa9v

  • MD5

    4dc6391e49046252c6effd467c679804

  • SHA1

    19b4ae58c609825294a66643fdb5779e04957aab

  • SHA256

    c691c174c042a1f23f13b420abad454bd4b843e1033119080114da0a99cfdfff

  • SHA512

    b78ab0ba6aa99bb516cf4445bec01548801430863630e53d7a08dc985cfbd360455937369ce94242886fecd4ddf7f877fb284b50881119271d5eae59a8ab83b4

  • SSDEEP

    49152:TZM+U574kFRDQc2bUyVe/l/usb/iC+nkalNs+IIWpxIF989O3:T+7pfRPV/l/v/iC+kye+hex3

Score
10/10
dcratinfostealerrat

Malware Config

Targets

    • Target

      9hmhx13dh.exe

    • Size

      2.3MB

    • MD5

      4dc6391e49046252c6effd467c679804

    • SHA1

      19b4ae58c609825294a66643fdb5779e04957aab

    • SHA256

      c691c174c042a1f23f13b420abad454bd4b843e1033119080114da0a99cfdfff

    • SHA512

      b78ab0ba6aa99bb516cf4445bec01548801430863630e53d7a08dc985cfbd360455937369ce94242886fecd4ddf7f877fb284b50881119271d5eae59a8ab83b4

    • SSDEEP

      49152:TZM+U574kFRDQc2bUyVe/l/usb/iC+nkalNs+IIWpxIF989O3:T+7pfRPV/l/v/iC+kye+hex3

    Score
    10/10
    dcratinfostealerrat

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

      ratinfostealerdcrat

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks