General
Score 10/10
-
Target
DcRat.7z
-
Size
4.0MB
-
Sample
231115-jqwmwsee49
Behavioral task
behavioral1
Sample
DcRat/Release/DcRat.exe
Resource
win10-20231023-en
Behavioral task
behavioral2
Sample
DcRat/Release/Plugins/Audio.dll
Resource
win10-20231020-en
Behavioral task
behavioral3
Sample
DcRat/Release/Plugins/Chat.dll
Resource
win10-20231020-en
Behavioral task
behavioral4
Sample
DcRat/Release/Plugins/Extra.dll
Resource
win10-20231020-en
Behavioral task
behavioral5
Sample
DcRat/Release/Plugins/FileManager.dll
Resource
win10-20231025-en
Behavioral task
behavioral6
Sample
DcRat/Release/Plugins/FileSearcher.dll
Resource
win10-20231023-en
Behavioral task
behavioral7
Sample
DcRat/Release/Plugins/Fun.dll
Resource
win10-20231020-en
Behavioral task
behavioral8
Sample
DcRat/Release/Plugins/Information.dll
Resource
win10-20231020-en
Behavioral task
behavioral9
Sample
DcRat/Release/Plugins/Keylogger.exe
Resource
win10-20231020-en
Behavioral task
behavioral10
Sample
DcRat/Release/Plugins/Logger.dll
Resource
win10-20231025-en
Behavioral task
behavioral11
Sample
DcRat/Release/Plugins/Miscellaneous.dll
Resource
win10-20231020-en
Behavioral task
behavioral12
Sample
DcRat/Release/Plugins/Netstat.dll
Resource
win10-20231023-en
Behavioral task
behavioral13
Sample
DcRat/Release/Plugins/Options.dll
Resource
win10-20231020-en
Behavioral task
behavioral14
Sample
DcRat/Release/Plugins/ProcessManager.dll
Resource
win10-20231020-en
Behavioral task
behavioral15
Sample
DcRat/Release/Plugins/Ransomware.dll
Resource
win10-20231025-en
Behavioral task
behavioral16
Sample
DcRat/Release/Plugins/Recovery.dll
Resource
win10-20231020-en
Behavioral task
behavioral17
Sample
DcRat/Release/Plugins/Regedit.dll
Resource
win10-20231020-en
Behavioral task
behavioral18
Sample
DcRat/Release/Plugins/RemoteCamera.dll
Resource
win10-20231023-en
Behavioral task
behavioral19
Sample
DcRat/Release/Plugins/RemoteDesktop.dll
Resource
win10-20231023-en
Behavioral task
behavioral20
Sample
DcRat/Release/Plugins/SendFile.dll
Resource
win10-20231025-en
Behavioral task
behavioral21
Sample
DcRat/Release/Plugins/SendMemory.dll
Resource
win10-20231020-en
Malware Config
Targets
-
-
Target
DcRat/Release/DcRat.exe
-
Size
12.3MB
-
Async RAT payload
-
-
-
Target
DcRat/Release/Plugins/Audio.dll
-
Size
22KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Chat.dll
-
Size
387KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Extra.dll
-
Size
29KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/FileManager.dll
-
Size
32KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/FileSearcher.dll
-
Size
277KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Fun.dll
-
Size
33KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Information.dll
-
Size
24KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Keylogger.exe
-
Size
10KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Logger.dll
-
Size
26KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Miscellaneous.dll
-
Size
80KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Netstat.dll
-
Size
24KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Options.dll
-
Size
373KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/ProcessManager.dll
-
Size
25KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Ransomware.dll
-
Size
97KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Recovery.dll
-
Size
1.3MB
Score 1/10
-
-
Target
DcRat/Release/Plugins/Regedit.dll
-
Size
279KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/RemoteCamera.dll
-
Size
107KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/RemoteDesktop.dll
-
Size
34KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/SendFile.dll
-
Size
26KB
Score 1/10
-
-
Target
DcRat/Release/Plugins/SendMemory.dll
-
Size
27KB
Score 1/10
-
-
Target
DcRat/Release/Stub/Client.exe
-
Size
45KB
-
Async RAT payload
-