Overview

overview

10

Static

static

1

151a6ee585...a2.exe

windows7-x64

10

151a6ee585...a2.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    151a6ee585c2f164b0adf97bb404558186293d218eda2.exe

  • Size

    987KB

  • Sample

    230214-xxm6zsfe76

  • MD5

    cb7828d2c749261635d4509ba51904e5

  • SHA1

    14b6c6ad2308ecc71a921876ca684f0ca531a945

  • SHA256

    151a6ee585c2f164b0adf97bb404558186293d218eda29d8f9ec25f67c706aa6

  • SHA512

    d9750c4ec25152af440415b2af4c7b8afbf77357af6c568440d9d689c1019b332c35feb2afaf58ad0d0aa235895caa3cdef7f9acac620f7d1d140994f8ead571

  • SSDEEP

    24576:Z5aInSOZb08lO/uM4bxhD1PTgX9dxsGcj2wIopXAHYq4:ZQIvPXQxJb2

Score
10/10
dcratinfostealerratspyware

Malware Config

Targets

    • Target

      151a6ee585c2f164b0adf97bb404558186293d218eda2.exe

    • Size

      987KB

    • MD5

      cb7828d2c749261635d4509ba51904e5

    • SHA1

      14b6c6ad2308ecc71a921876ca684f0ca531a945

    • SHA256

      151a6ee585c2f164b0adf97bb404558186293d218eda29d8f9ec25f67c706aa6

    • SHA512

      d9750c4ec25152af440415b2af4c7b8afbf77357af6c568440d9d689c1019b332c35feb2afaf58ad0d0aa235895caa3cdef7f9acac620f7d1d140994f8ead571

    • SSDEEP

      24576:Z5aInSOZb08lO/uM4bxhD1PTgX9dxsGcj2wIopXAHYq4:ZQIvPXQxJb2

    Score
    10/10
    dcratinfostealerratspyware

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

      ratinfostealerdcrat

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.

      rat

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks