dcrat | 902f23bf59a88f55308bfc6859d93e2c04d0bb53d1c0079ff2fcd35d37e77471 | Triage

Submit
Reports

Overview

overview

Static

static

1

asm_arm.exe

windows7-x64

asm_arm.exe

windows10-2004-x64

Sharing

General

Target

asm_arm.exe
Size

492KB
Sample

230421-tg87qsgf77
MD5

e6044dd1834bb7cae5386c3ef35797d8
SHA1

588630b6ef3be69baa6fdc5edc05143b32e5884d
SHA256

902f23bf59a88f55308bfc6859d93e2c04d0bb53d1c0079ff2fcd35d37e77471
SHA512

2b330cd1bec5f7cc54ccedb61a71eb3de1b2e4e3336cd0006756c6f6dd72bd0f83249cf0b0d6662a8a120dbe52dc7b4fc76036a5d11da22ed160997f375e8307
SSDEEP

12288:gqIUG6NIOou2Q3uy2FQqZqc36v27Uzqi3Uj5Eyf:gyG6NIOoub3uy2FEs6uQz/Uj5ff

Score

10^/10

dcrat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

asm_arm.exe

Resource

win7-20230220-en

dcrat infostealer rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

asm_arm.exe

Resource

win10v2004-20230220-en

dcrat infostealer rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  asm_arm.exe
- Size
  
  492KB
- MD5
  
  e6044dd1834bb7cae5386c3ef35797d8
- SHA1
  
  588630b6ef3be69baa6fdc5edc05143b32e5884d
- SHA256
  
  902f23bf59a88f55308bfc6859d93e2c04d0bb53d1c0079ff2fcd35d37e77471
- SHA512
  
  2b330cd1bec5f7cc54ccedb61a71eb3de1b2e4e3336cd0006756c6f6dd72bd0f83249cf0b0d6662a8a120dbe52dc7b4fc76036a5d11da22ed160997f375e8307
- SSDEEP
  
  12288:gqIUG6NIOou2Q3uy2FQqZqc36v27Uzqi3Uj5Eyf:gyG6NIOoub3uy2FEs6uQz/Uj5ff
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dcratinfostealerrat

behavioral2

dcratinfostealerrat

© 2018-2025

Terms | Privacy