dcrat | 980024e8c13ce835dbfa28f8eea51e701e36b1a085061445d14f7f4e87a44e50 | Triage

Submit
Reports

Overview

overview

Static

static

268c2e7768...5d.exe

windows7-x64

268c2e7768...5d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

268c2e7768781323eec48ae7d2ce805d
Size

1.2MB
Sample

231231-d44mrschg5
MD5

268c2e7768781323eec48ae7d2ce805d
SHA1

871970eef6d4976f96f0a42371880b6dd9f21e52
SHA256

980024e8c13ce835dbfa28f8eea51e701e36b1a085061445d14f7f4e87a44e50
SHA512

e254fcea7b5db5e5f2c5b1b857ff854842026d14de41b1bb6d35330ffa315e2dfd0c4d8a7b320acda039382fe3687df496d04fb4c5e6c5fe0eaff72ecbdb8fee
SSDEEP

24576:ee3J09QcGtD2F0Wpq0Ld7UT29cENYaK2q5aj+4:MF2CTK2q5ay

Score

10^/10

dcrat infostealer rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

268c2e7768781323eec48ae7d2ce805d.exe

Resource

win7-20231215-en

dcrat infostealer rat

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

268c2e7768781323eec48ae7d2ce805d.exe

Resource

win10v2004-20231215-en

dcrat infostealer rat

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  268c2e7768781323eec48ae7d2ce805d
- Size
  
  1.2MB
- MD5
  
  268c2e7768781323eec48ae7d2ce805d
- SHA1
  
  871970eef6d4976f96f0a42371880b6dd9f21e52
- SHA256
  
  980024e8c13ce835dbfa28f8eea51e701e36b1a085061445d14f7f4e87a44e50
- SHA512
  
  e254fcea7b5db5e5f2c5b1b857ff854842026d14de41b1bb6d35330ffa315e2dfd0c4d8a7b320acda039382fe3687df496d04fb4c5e6c5fe0eaff72ecbdb8fee
- SSDEEP
  
  24576:ee3J09QcGtD2F0Wpq0Ld7UT29cENYaK2q5aj+4:MF2CTK2q5ay
Score

10^/10

dcrat infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratinfostealerrat

behavioral2

dcratinfostealerrat

© 2018-2025

Terms | Privacy