General

  • Target

    aff9e3ee939d89333ab2152b97ca2b1e.bin

  • Size

    369KB

  • MD5

    599d50faea884aecdf5206db4096801b

  • SHA1

    9ba75b3f23bb5f7cf0765031adf498fe5f82f8dc

  • SHA256

    1bee6f1e2c2e5a704a57f3b5593bb45ed3af4bce3622540d1adc3d178ea5900b

  • SHA512

    353e69cc50450a6543a93a3c4498db12f7b6e5c05d5f3986c9e79719c3e4f8882adf5ef231771d5a1f9f546f717236d9d8558a143062bf42934c107db69675e3

  • SSDEEP

    6144:zw52cOzw58ssMoGklruScFyqcxicXuNj+PWVfS5dihKSYfCc0sYiFu9HV:z0DmsiGqubJIu4WVSTi8ld/LCV

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • aff9e3ee939d89333ab2152b97ca2b1e.bin
    .zip

    Password: infected

  • f04597b19822f7ba1e178240ec20c4b024bf7b889cb922d3bd38cec8539b3d05.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

