Overview

overview

10

Static

static

10

DcRat/DcRat.exe

windows7-x64

10

DcRat/DcRat.exe

windows10-2004-x64

10

DcRat/DcRat.exe.xml

windows7-x64

1

DcRat/DcRat.exe.xml

windows10-2004-x64

1

DcRat/Plug...io.dll

windows7-x64

1

DcRat/Plug...io.dll

windows10-2004-x64

1

DcRat/Plug...at.dll

windows7-x64

1

DcRat/Plug...at.dll

windows10-2004-x64

1

DcRat/Plug...rd.dll

windows7-x64

1

DcRat/Plug...rd.dll

windows10-2004-x64

1

DcRat/Plug...ra.dll

windows7-x64

1

DcRat/Plug...ra.dll

windows10-2004-x64

1

DcRat/Plug...er.dll

windows7-x64

1

DcRat/Plug...er.dll

windows10-2004-x64

1

DcRat/Plug...er.dll

windows7-x64

1

DcRat/Plug...er.dll

windows10-2004-x64

1

DcRat/Plugins/Fun.dll

windows7-x64

1

DcRat/Plugins/Fun.dll

windows10-2004-x64

1

DcRat/Plug...on.dll

windows7-x64

1

DcRat/Plug...on.dll

windows10-2004-x64

1

DcRat/Plug...er.exe

windows7-x64

1

DcRat/Plug...er.exe

windows10-2004-x64

1

DcRat/Plug...er.dll

windows7-x64

1

DcRat/Plug...er.dll

windows10-2004-x64

1

DcRat/Plug...ib.dll

windows7-x64

1

DcRat/Plug...ib.dll

windows10-2004-x64

1

DcRat/Plug...us.dll

windows7-x64

1

DcRat/Plug...us.dll

windows10-2004-x64

1

DcRat/Plug...at.dll

windows7-x64

1

DcRat/Plug...at.dll

windows10-2004-x64

1

DcRat/Plug...ns.dll

windows7-x64

1

DcRat/Plug...ns.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    DcRat.zip

  • Size

    17.3MB

  • Sample

    230416-qt931sac42

  • MD5

    fbe05e3a97e919291485a530c96303de

  • SHA1

    5dbaae6b2ee7202f867d6488b6a4a3e33e9a516d

  • SHA256

    70fc07dc94b74d022853142d3df555cf7189680ea37b42187ac20ea1ecc2449b

  • SHA512

    e274998648a17288ceaa176de298cea19f21143ccdc9f48f253e4a3bc444cd6ad9e6771ddd00595f8e43085777c1f856d9e4e87c6096d4cd360eb8ba105624c0

  • SSDEEP

    393216:wk070N6EER79lFhacuR1d6jR8r+ZQo9K9fx2HyPFhkecMvEbeprRI9HwYjX/MwA:wQErRRlFha78DQCK9fx2HISszYMwA

Score
10/10
asyncratrat

Malware Config

Targets

    • Target

      DcRat/DcRat.exe

    • Size

      21.6MB

    • MD5

      86f3de7b3546c538291820eb6f1d3d32

    • SHA1

      4b0994b910d67990c855b669f4124e6ebbbc0343

    • SHA256

      533c45a3400cceaf13703564aa125c4a17b613ea0964d140be0415d7df4f644b

    • SHA512

      002449d99933ee6a61059a2722a2b75f5358b987f4853a93ef0dd5c0b5724835c449a810450f1d2ba6cb5114a106c8f05fbad2137b3c0b3c851663fa1a00d244

    • SSDEEP

      393216:q/nGTBP+Zw6NLIsFfskh1BmXGR1Bd+/2:q/GTBP+Zlnk0rmoBY

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat
    behavioral1behavioral2

    • Target

      DcRat/DcRat.exe.config

    • Size

      5KB

    • MD5

      d1ce6bd32c1afe09a5e832940e4a997f

    • SHA1

      a54e46cf616601a50ad039d40b34be89d13e0ea8

    • SHA256

      e99e5f117f710505f9f24fc0176a58d89b7cae4dc3c925e97931c2d0a4b4b634

    • SHA512

      4a7142d838bddb69e76b6b81b02574daa16c324b82385af16557b943eff39807b316607f20255f3783f0eb068b22f9c181d24c899401c7feb7cfc61ecc693971

    • SSDEEP

      96:ur71Y7KO7KTri0bGivwapdgaRzV6RXIAIUAvEnzH9V0BGivi4273I2TpV6RUGoKO:ur7S7x7krM3/I2GoKS/pv7sJ+J/qJvS

    Score
    1/10
    behavioral3behavioral4

    • Target

      DcRat/Plugins/Audio.dll

    • Size

      22KB

    • MD5

      0a0a20f3cb14dd00f1f9944ace6157a3

    • SHA1

      ce7db5df66df4d67ff316f4c001b293bda6a062b

    • SHA256

      e990d5fceb7889b8119020b2f6ec2861623a98a9f7a5fef43ae3caf071428eb0

    • SHA512

      989e59ae063a419ee851ffdaf19367dc4347f987697bdfc669633b59baeabdd4f9238ef875d447d60ddf54011106ebe8d02ac9ce508e35e9fad34be4a8ec2d0d

    • SSDEEP

      384:+SRj1EfmW3sHmH+6kBdseXGDfICDzu5RQRjuAa04FOkh8:+SRj1N0sHieK/75uAhRO8

    Score
    1/10
    behavioral5behavioral6

    • Target

      DcRat/Plugins/Chat.dll

    • Size

      454KB

    • MD5

      8333ab22b377dc992e950a36336a332e

    • SHA1

      e7b6642ce70ad0dfc0fc2413ba4d15532e68131d

    • SHA256

      55752fdc5e0b621dcf4a43558260e97dfc8f04a42ebbd71a5a3986ee60fa9746

    • SHA512

      2842afa20bcb75ac0d7db39990aa8319ff36f0435cc366a11e4e55fada6f57285b32d5f3730000da36467ce8ab51837941a0ddcd053c108f06b00a0dc87e4701

    • SSDEEP

      6144:YtBlKJ+p4JX0cZsaB6N83r2y/plBWnxfID/uKNlNQ7fOiLXyCrxO9w+KQqxe/t:YVKTkcZBB6NKbBWnxfIvNr4siQqx

    Score
    1/10
    behavioral7behavioral8

    • Target

      DcRat/Plugins/Discord.dll

    • Size

      24KB

    • MD5

      46ff79eacaa4e9cebceb87c57e9edb6e

    • SHA1

      c25b45578c880512513062459ead1cee45e2f74e

    • SHA256

      2635b2eac0808dae67aac619477e54f45cb1c80b8a6d479d272d4a3ea5fd192e

    • SHA512

      2117ea8b74aebfd198a42081ce81dc87fba439fcd0f410129f1b7dca7bc923e14f6e707c3b72243fa2dd10638ea521035fc89abae0708f73b3fe1bd5582bdbff

    • SSDEEP

      384:+0FmIXW/ppmaCnN594J+Im/tvp2BdseXGcdh+JaL6EWAVuk5mSZ7rN2TD118KsuR:jECaC7iGqQ0jNZ5mSZZWDEKsw

    Score
    1/10
    behavioral10behavioral9

    • Target

      DcRat/Plugins/Extra.dll

    • Size

      31KB

    • MD5

      951c0c558b8cface27accb2ced40162a

    • SHA1

      8bb8df333cf2929045787ed0d8ec9cd825f7421b

    • SHA256

      e9b6a6cee7c9e7fcab0b88f64a993d9002d8c34a8d2bf2f358d01a2baa9c4775

    • SHA512

      bee8dcbe5c169842c9fc685d27228d45bdd545da24937f87c9c1c355c75e2e3f3a42216443f60b6e2244ae45fa42a64411f7e4c518e3a4742159248ae6df9f2a

    • SSDEEP

      384:AX8AFmmb7f0TOueKmVBy77udseXG8WIThDkz7R3bu4Uwvs7c9K7ZvEbJlXKyckeS:o8Avb7fjjcXuLRkVsA9K7Zvc6keFBF4

    Score
    1/10
    behavioral11behavioral12

    • Target

      DcRat/Plugins/FileManager.dll

    • Size

      31KB

    • MD5

      7eca574255ac9e859968a6378441c4c2

    • SHA1

      fd2cef00b6716e37cd5512830d9cf5d67ad998e3

    • SHA256

      cba6c28e0f96d775ff8f24c1324f7e4da1fc83c27053e95ce65a1684b99cdd66

    • SHA512

      f8cae653dbdaea7100800810e86149cacc0a97b9f1165efadf5a301659cb47ff0233c2e0fd1a5a21de395fdd39e812cc6ea8753ffb89c0c94fdb7fd828ec3857

    • SSDEEP

      384:MEGHWHugXvIgTmm49cj7ddseXGMBNhD8mouIXA4Pcg43YzMnIqE7GMiBrNelgU:Mb2fN49ydxZyXMXJnIr7GMarNk

    Score
    1/10
    behavioral13behavioral14

    • Target

      DcRat/Plugins/FileSearcher.dll

    • Size

      277KB

    • MD5

      71a50fb381374ac257c55b3644423402

    • SHA1

      1aed126cfc10538169a1a959db60835d3f66426a

    • SHA256

      62e8c83d9762f4dc50d5e359e6c990bed88fd11de86cfd64c66ae4b8b8fd157e

    • SHA512

      148361dc04abb0fadc803cba194a0c92c7d1beabef2733251fce91d3b0ba14afebe7c7460790e43f576e982403f9af613458603da18583c8f734a80915dc2226

    • SSDEEP

      3072:7GFYQ/KZdG6oE1nKSYfTvqCjUKidQTs2pccc9k1DEIWcSCSLeyYcEeI/KQ73WmbJ:7nwLrSYfDjtlAx9k1AU4pE0

    Score
    1/10
    behavioral15behavioral16

    • Target

      DcRat/Plugins/Fun.dll

    • Size

      33KB

    • MD5

      e702d966aa0b7bc5e9bbcd72338753d3

    • SHA1

      33a34aa24c99c104fa79457e5b5e4ab9d0f0c505

    • SHA256

      ae77ad03383aa87699a3c706955c732ba73c1210b11babe981df4379079ca0d4

    • SHA512

      111daf624538f39eae87f9b63eb4e3e99933450ee50d28c7bae17eb76eda0916a525082464d13e94215cca97db5689e3a56079eba86e2e3efeb11339e4b793ed

    • SSDEEP

      768:wOFmXPm7MACQnB5vrTh+gyR2Lybx9gnZ:wOFNnB5XrL88

    Score
    1/10
    behavioral17behavioral18

    • Target

      DcRat/Plugins/Information.dll

    • Size

      24KB

    • MD5

      35eb72e2b7c85e34fe4ea0be632ef247

    • SHA1

      82c760a3694fde480ed5500856341227dee21c2e

    • SHA256

      5fa9dd9e738b20f026b5f88e7158e3c5183d46c64b25ed40c2faff23b10a3267

    • SHA512

      5438e395c302ebf3b07f9f2df9db984c4e89557aeb500a02f27b4ab22ba20706cb32581de48f407ed2a686f033f2742d398e380241aaf9fbde8001419af8a1b6

    • SSDEEP

      384:gSvmkKbpmUGZdseXGvXhDYLuqInXx3McZgRaYzwM3tllsXxMSq:T+kKb0bZIqInpXZgRtzAxMSq

    Score
    1/10
    behavioral19behavioral20

    • Target

      DcRat/Plugins/Keylogger.exe

    • Size

      10KB

    • MD5

      bb705e1212af49881a31f2de2bc48653

    • SHA1

      a9728d5a995b163d6d4c590b3d79836b469806f7

    • SHA256

      85c1c0070b0bbe577cce521a39a4943e97120957fb5b69b0c0b913bbdc7f2f8c

    • SHA512

      9526b5279478e01c37ed001cd7bc69a3583cc5ce4a7c9ac0e404a1d8b554878513abe3c282eda81f8c524bbbbe84e7ec66ecee22ca62e88dc8962aed58662aed

    • SSDEEP

      192:Htmcuq6MYDxi4maEYbRzmEsLkTgv5JHTUeJYHcwY7fazJFEi:HtlF6MWE9rUhVsL15pUrYyVFE

    Score
    1/10
    behavioral21behavioral22

    • Target

      DcRat/Plugins/Logger.dll

    • Size

      26KB

    • MD5

      9312c0416feb53f93f9ac86ada74ea49

    • SHA1

      864bd7e26d30d95e0bf8360e64c5dc05d1e85601

    • SHA256

      e74d874a3667feac3a7a9e1f7052c7d6bd77996e6c7b87abb480d5d945cfc233

    • SHA512

      7736cd77ab92446d56d53d34e96f2c68eb2688f759fca4bf3c53b1f8568a770937067d2056e9ed51816d063338e32b5c44429b1ab98e1c74c3f3bcf0c76b8802

    • SSDEEP

      384:Ky2nOVC1a1WmAcsH2Co9KPdseXG8iIhDbuLCG4kNmCWuxb87AMF3:KrQ1hNsnPZ1JkR8753

    Score
    1/10
    behavioral23behavioral24

    • Target

      DcRat/Plugins/MessagePackLib.dll

    • Size

      16KB

    • MD5

      e1102f019724da3db202566e69daa9ad

    • SHA1

      2215bd2d98a3d8cc8cb3cac132c12f3f1ad55d4e

    • SHA256

      4e5c67513e229da9e25476ea13d3df6958c9ea819a3a6fce0f179d6d76154792

    • SHA512

      e64dd6383af168848016820a6cedacbd7d400b91c0ebb681d264d3aede2411a1a190c41ad9261384422e83cf7b3afe1068d5bf1266a3cb56be547cd757389d18

    • SSDEEP

      192:qbl2mHTq8EBOk7wt3exS7Nr1j1N4k/g5niseqdz/YGr8puYJekwDMRqNfCmMDRVM:/mnkO72iseXGr8puUUMmMDRVE7PuFRW

    Score
    1/10
    behavioral25behavioral26

    • Target

      DcRat/Plugins/Miscellaneous.dll

    • Size

      82KB

    • MD5

      4ebad0c85bc7fd9fda2fe3faac0971e0

    • SHA1

      ae551bc56f59af2910e56c8bafd0c381f0be5632

    • SHA256

      438f81782fa57262b6cf00c17c07e05d4c13612b6ee3c304db642b537092b768

    • SHA512

      25d099a9b0525d8fa53a6009b06931fa8f506cbc47f12dae3cf0c38508cf53413c123b2829bf698723a4a5c6a794cd970a41bcd154b41a87cf4395e7aa27fb5f

    • SSDEEP

      1536:pZce38lSJ3k45otUV251nos3O4RaamPab:pZceRU4KSV213O4Raah

    Score
    1/10
    behavioral27behavioral28

    • Target

      DcRat/Plugins/Netstat.dll

    • Size

      24KB

    • MD5

      5d4842f9adbda550493f64b6494760f5

    • SHA1

      3f28d71d1abfdb2c7a22e038c40134a0fb294b08

    • SHA256

      6cc26e5fcad80b7cf16b14f30c226a47b78a8ba21f8a43b8b4b3c41d22f3d93e

    • SHA512

      d4f886ccbd2fefd1c8319230ca2bc4eb02282dc8d487e1773852c031b6ba07b4ed4aa41d028c35cac33b2e9ba4938085d8c10dd3e20eea4c82c8e590f8b1f8aa

    • SSDEEP

      384:Lrl+bbgmsHmxSRmqe5HPwKRsJGAdseXGOhBReDmYuFCJG0BBS93NNRk+rs25x55K:LwbWGcMqc45L6eC1Bu9Tk+gn8sL

    Score
    1/10
    behavioral29behavioral30

    • Target

      DcRat/Plugins/Options.dll

    • Size

      378KB

    • MD5

      02a0461b1cc18677bef6fb62122bd091

    • SHA1

      fa77298641d2a499da56ba112296c5a469a7d6a6

    • SHA256

      edfb9fccf0853fad2647060eb93a4c097c76c86e689c004cc0dfc9e897a1024a

    • SHA512

      4f8f5e9380302c5d5132a5cbb9a66dd73eceba5c7d899d48a7342dffbd18597311b095a25121fc0f16503dd895dd92e96c856aee1cfe688b4c01e7af2160901a

    • SSDEEP

      6144:zTG2nhDLZ03+biuOd1jScGHkl6GfIrOzXeiKvhzmYVV7+FWWz06v:vnnzEYcVXeiWBVqO

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v6

Tasks

static1

ratasyncrat
Score
10/10

behavioral1

asyncratrat
Score
10/10

behavioral2

asyncratrat
Score
10/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10