General

  • Target

    bb1ef2ca98ae809bf836c6f1767cc426.bin

  • Size

    415KB

  • MD5

    fbe231f200259c83406632b45a01d3e0

  • SHA1

    c70bf283100a7b5b7be5ba12564919a1d2810af0

  • SHA256

    e7bf634e86e32e7acd35e92b170876bc63d4d5b259daafd117a6e9274f958e50

  • SHA512

    3674c62c1b05af9878c8a4cc867d6d20a857380a93cd45012d716b2197aafa344babaa80947c53710add0373452f3b981004192486ce946ef575060ebc3cdc4f

  • SSDEEP

    12288:NEaSDFQiirtuB1qHGwWxp0/5ZXcdR17rO5T6:NEXeiiUB1Thp8AHAV6

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • bb1ef2ca98ae809bf836c6f1767cc426.bin
    .zip

    Password: infected

  • 5232c6db5c412780ace4c035be6bde85e2ff91f4d5699f849b028939dc39cf74.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

