dcrat | 418bd27906d38ba3fd04866c8ca6531d210814e17d8d6360ee72a5c171104bae | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

418bd27906d38ba3fd04866c8ca6531d210814e17d8d6360ee72a5c171104bae
Size

1.3MB
Sample

230203-llrt9adg97
MD5

6d61deb69dc902c98c4eeb5f74063b95
SHA1

28ee589e503f22e79852972a7d3f9e986d74a3d7
SHA256

418bd27906d38ba3fd04866c8ca6531d210814e17d8d6360ee72a5c171104bae
SHA512

2fadb51511dd3ecce6c4ba77341d90f4af789122240741f869af6a325ec0c326e8053fe9897369eb1427395abbc31b1c23f8c9f4a0123b53c5dc1c39d8d76c64
SSDEEP

24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

Score

10^/10

dcrat infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

418bd27906d38ba3fd04866c8ca6531d210814e17d8d6360ee72a5c171104bae.exe

Resource

win10-20220812-en

dcrat infostealer rat

windows10-1703-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  418bd27906d38ba3fd04866c8ca6531d210814e17d8d6360ee72a5c171104bae
- Size
  
  1.3MB
- MD5
  
  6d61deb69dc902c98c4eeb5f74063b95
- SHA1
  
  28ee589e503f22e79852972a7d3f9e986d74a3d7
- SHA256
  
  418bd27906d38ba3fd04866c8ca6531d210814e17d8d6360ee72a5c171104bae
- SHA512
  
  2fadb51511dd3ecce6c4ba77341d90f4af789122240741f869af6a325ec0c326e8053fe9897369eb1427395abbc31b1c23f8c9f4a0123b53c5dc1c39d8d76c64
- SSDEEP
  
  24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

dcratinfostealerrat

© 2018-2025

Terms | Privacy