General

  • Target

    devalt.exe

  • Size

    2.0MB

  • MD5

    fc9ea28a3c3659c4200e442d20198458

  • SHA1

    79ede873cd08d5941e54524dd85b5add0a79bd7c

  • SHA256

    51c3cebd8c8fe19e37b68c64218b4c4552aac4c804bd04ed372fd74d52668ff0

  • SHA512

    c2357a0eb6fd31929af57c544be2de14b0daee2a731ec09e586b0ac748b7368ae5a022d0d8dae0ccece0fa860799a0da02405f60d86a963e177508b5e4220a17

  • SSDEEP

    49152:ubA3jVKbYcU6bWUfj4a7syRO2tzK/RNS/2t:ubjJXj4a4IKJYet

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • devalt.exe
    .exe windows x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections