General

  • Target

    3a68a2cbeb827588f3749568b121a79b.bin

  • Size

    421KB

  • Sample

    230614-brr24acd96

  • MD5

    7d6bbbda04e0e6ecf02417f769c40d5a

  • SHA1

    15edb66e573467120bb30a17eb2a5ed04b3c7258

  • SHA256

    1de7650c556d75e0601b93f8efd55d10f6c8d5f344d92aa2bda1bc7a9412866e

  • SHA512

    c6a106eefaaa5a18fa87ba0861f4c1c62f4324f94ef320a46f7d051cf0d78d791314c80a4eead8beda7e0b272981770a5521e2e3778e658cc9e4e4f0e123d090

  • SSDEEP

    12288:Ka6zwrAlBpQahrY0EjKzcS0hbWeqIZhR3ZB:8ziwBpQa7EmcSKWeqGB

Score
10/10

Targets

    • Target

      2ab209c8b13fc820c0f2cd15de422053e94e2ca02b939ff97eeb2abceb5bb810.exe

    • Size

      897KB

    • MD5

      3a68a2cbeb827588f3749568b121a79b

    • SHA1

      a40fc3b0c547826353088baf247b379f1e10f25d

    • SHA256

      2ab209c8b13fc820c0f2cd15de422053e94e2ca02b939ff97eeb2abceb5bb810

    • SHA512

      7ab8bb1605cfed214d05c6dac5dc05df0b66c90e7abe67629e8c879483d5f2784edae832f48acfc92c968a3da1f13e76e5db699890ed85b0c00bb551e0e70b7d

    • SSDEEP

      12288:x7Gmaojeh4hLyhLk9el5ih7XrIqEMbs0qFvPrVc8Ml1T5J4rNl99uF04r4hZZ1v6:MTMYP2tP4CKdKh

    Score
    10/10
    • DcRat

      DarkCrystal (DC) is a new .NET RAT, active since June 2019, capable of loading additional plugins.

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.

    • Suspicious use of SetThreadContext
