General

  • Target

    HEUR-Trojan-Spy.MSIL.Stealer.gen-f653378fd0d7.exe

  • Size

    2.0MB

  • MD5

    69f7be16b8757bdabcba2ce9af0ceace

  • SHA1

    7b67fe6f6ae704009ebbdd0a86787a41832d8851

  • SHA256

    f653378fd0d70ad1d3f3f86a34ad7b0031358612e8f9d08f692c486207a991e8

  • SHA512

    0a610e75364d4a1b4eaed9c1aceca6dbfa00b4e9729953146974c46c63d522c6a40121565485d00f6a7e587b739f8b3f730b9c9f911e9c7a1821fb1daf3793bf

  • SSDEEP

    24576:52G/nvxW3WS02yxYeTpUhC5vBS/oNHlnDXHp0wq3cFUNN/lvzUBC7N++44:5bA3y2vhCRVFDXlqGw5/

Score
10/10

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • HEUR-Trojan-Spy.MSIL.Stealer.gen-f653378fd0d7.exe
    .exe windows x86

    fcf1390e9ce472c7270447fc5c61a0c1

