dcrat | 779944ef7b50dcc97c14b28c133b36f93c33299381e17ce80444562fdd82a79c | Triage

Submit
Reports

Overview

overview

Static

static

Extrude.exe

windows10-2004-x64

Sharing

General

Target

Extrude v1.rar
Size

1.2MB
Sample

230326-rj5k8agg68
MD5

7f6049eb13f0def8ecc2b24a7f192197
SHA1

b28503756867d0df88d153859d31a41340d4df67
SHA256

779944ef7b50dcc97c14b28c133b36f93c33299381e17ce80444562fdd82a79c
SHA512

99b44531770eec32f1c453c2085635687e663700491dbfff44e0c7ad4f2f64ca43b011204af7ac8de8796ee28d2b913d8c4d6253334133465723264c50270058
SSDEEP

24576:PcDxi5YA59TMJLvdVRLRfyW12l4v1hv8riCtE:th9TALpRfyEJNhU2

Score

10^/10

dcrat infostealer rat upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

Extrude.exe

Resource

win10v2004-20230220-en

dcrat infostealer rat

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  Extrude.exe
- Size
  
  1.1MB
- MD5
  
  75b7f43476e40833c80636fa9e6b7ebc
- SHA1
  
  75849108978003895e774680549cad97edb215e9
- SHA256
  
  89b41e3a1d1feef8f7ada88762624d7bd92a8fc2d2a1549741ca83b6512c3ef1
- SHA512
  
  aa8ac4e5ac2bd9f605fca5275888bfa533701f3fddef7d5d6344a8957bbfe4385e6ccdf562b19e9e4c00eeed35792e1ced71ffb9c7a35eec5bf45e938a028a8a
- SSDEEP
  
  24576:P2G/nvxW3Wn0VZlQoCOXU/UUjxZXSzHifMw:PbA3pVZlQ7OXGX+zCZ
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

dcratinfostealerrat

© 2018-2024

Terms | Privacy