dcrat | 5a5e3d70cd466c1fd8b96432c3e547d1219f87562450259393b51780b65a201d | Triage

Submit
Reports

Overview

overview

Static

static

3

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

1.5MB
Sample

230528-az7l3sea9t
MD5

ecee2ebd3ec0c0d36f88475532eddbef
SHA1

c68350688ae49166da20529076bc6e09ece54972
SHA256

5a5e3d70cd466c1fd8b96432c3e547d1219f87562450259393b51780b65a201d
SHA512

6761c27b5eefa8005f4a175df4f17bbfb84cda2ecd47a894a8afbafd0a8e05b102e93f795a291e29e1a8736c9a55d573d08827dd48bfe20045f73796954c5232
SSDEEP

12288:RajiyzjakY85lAi78xkprnzbBxo0O57I3WkctrO73yvKbXRXy2/xcehJNHtIEwyk:RhmYpiwC7BxLOyWj2F/jzNIEF30

Score

10^/10

dcrat infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20230220-en

dcrat infostealer rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20230220-en

dcrat infostealer rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  1.5MB
- MD5
  
  ecee2ebd3ec0c0d36f88475532eddbef
- SHA1
  
  c68350688ae49166da20529076bc6e09ece54972
- SHA256
  
  5a5e3d70cd466c1fd8b96432c3e547d1219f87562450259393b51780b65a201d
- SHA512
  
  6761c27b5eefa8005f4a175df4f17bbfb84cda2ecd47a894a8afbafd0a8e05b102e93f795a291e29e1a8736c9a55d573d08827dd48bfe20045f73796954c5232
- SSDEEP
  
  12288:RajiyzjakY85lAi78xkprnzbBxo0O57I3WkctrO73yvKbXRXy2/xcehJNHtIEwyk:RhmYpiwC7BxLOyWj2F/jzNIEF30
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

dcratinfostealerrat

behavioral2

dcratinfostealerrat

© 2018-2024

Terms | Privacy