General

  • Target

    db356737d8940879b057bd0173aae780602b9ceb0a5790bd90e12c5cfc194088.zip

  • Size

    3.2MB

  • MD5

    87d49cf69b6e5eaf307d92436fcbabf3

  • SHA1

    f064a4a7f089f22435a4a34f6e30ab9f1a64ede0

  • SHA256

    72db97820db18cc37d97a7aae835172691d21a18666ef67e9792c0cf3b71fcb7

  • SHA512

    88279a53e33c79c3dc89670a48d1d13a26c2b6d1108fd79f2090d0b8b7d28e0b85028e038c490baa480e51a675c6c0a354195cf5c3360120b073fa2d68e3ca72

  • SSDEEP

    49152:f/RL0E4wtCHZ22vzL+0DVVCTGR+dPWPSLFKnKLEaChVbFguybloy5E0QjtZiCQPK:hwL3HZJW0DVVCBWPShIxaCvRguUHQP+s

Score
10/10

Malware Config

Signatures

  • DCRat payload (1 IoC)

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • db356737d8940879b057bd0173aae780602b9ceb0a5790bd90e12c5cfc194088.zip
    .zip

    Password: infected

  • db356737d8940879b057bd0173aae780602b9ceb0a5790bd90e12c5cfc194088.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected
