dcrat | 02a2b3e40710f15c97b9f90e99bd14bdab3df5833c74d511c2ea8ebb0177f279 | Triage

Submit
Reports

Overview

overview

Static

static

NEAS.cbddc...c0.exe

windows7-x64

NEAS.cbddc...c0.exe

windows10-2004-x64

Resubmissions

13/10/2023, 20:40

231013-zfvwlsab95 10

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cbddc12efb35b167d9bf89ec8aedbac0.exe
Size

2.3MB
Sample

231013-zfvwlsab95
MD5

cbddc12efb35b167d9bf89ec8aedbac0
SHA1

caa75e130c53e4a9b4dae297fc63085bbd204e91
SHA256

02a2b3e40710f15c97b9f90e99bd14bdab3df5833c74d511c2ea8ebb0177f279
SHA512

4dc88c280fd1d7bd1d1a33236703c1ef15f610b2b311c72190dd6ef041773bc1bee1ca4fdecb76298d437a7105e7779dc1a1c76353932b8e09d3fa141065c131
SSDEEP

49152:39JJfWb3z7NWrRAMh8l9M9VnnoHszsLvDFH9TX:39TWb+RAMh8l9MYHusnV9L

Score

10^/10

dcrat infostealer rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

NEAS.cbddc12efb35b167d9bf89ec8aedbac0.exe

Resource

win7-20230831-en

dcrat infostealer rat

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.cbddc12efb35b167d9bf89ec8aedbac0.exe

Resource

win10v2004-20230915-en

dcrat infostealer rat

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.cbddc12efb35b167d9bf89ec8aedbac0.exe
- Size
  
  2.3MB
- MD5
  
  cbddc12efb35b167d9bf89ec8aedbac0
- SHA1
  
  caa75e130c53e4a9b4dae297fc63085bbd204e91
- SHA256
  
  02a2b3e40710f15c97b9f90e99bd14bdab3df5833c74d511c2ea8ebb0177f279
- SHA512
  
  4dc88c280fd1d7bd1d1a33236703c1ef15f610b2b311c72190dd6ef041773bc1bee1ca4fdecb76298d437a7105e7779dc1a1c76353932b8e09d3fa141065c131
- SSDEEP
  
  49152:39JJfWb3z7NWrRAMh8l9M9VnnoHszsLvDFH9TX:39TWb+RAMh8l9MYHusnV9L
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

dcratinfostealerrat

behavioral2

dcratinfostealerrat

© 2018-2025

Terms | Privacy