General

  • Target

    3a971964658a0bcaa170bed495b58f02.bin

  • Size

    730KB

  • MD5

    04bcbb475747a70181cdb581e95bec7b

  • SHA1

    ce235e12c58c91c4861f9cfc2d7d44440df7214f

  • SHA256

    64dde211f15557203295b902c135b2aa2e32ca018529e30c4d929527a049dc7b

  • SHA512

    fe454a09bc0ec9e33e487a2b0fbf909cac0112886de28386213c7b890a5b1cde8fc1b27a7d846204c513d53df35afbc8a67b0ee7fa4acad927eb054775e0c414

  • SSDEEP

    12288:BCmCf8VGgz808elt4gu0PXGmoA/P6J4Va7zA0LX4nQCpPN/msGivW8IhzpqoGl9f:BC50Vt808U3ump6f7bUpPs3/UFlk4

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3a971964658a0bcaa170bed495b58f02.bin
    .zip

    Password: infected

  • b1793fd7329055b97df5f70b7a325df0b79a132321e9d116d501fa9aaa95d4dd.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

