dcrat | 84b838dc7b84476ab2d5eb8989a6e3921d01d96810292a646563bd0e1dd9a972

General

Target

84b838dc7b84476ab2d5eb8989a6e3921d01d96810292a646563bd0e1dd9a972
Size

1.2MB
MD5

bba932293b24ba09742bf12beac581f0
SHA1

8a9eebde6ad570b3f935742d5d9f65bf31078e3c
SHA256

84b838dc7b84476ab2d5eb8989a6e3921d01d96810292a646563bd0e1dd9a972
SHA512

f1fd972eec339bb1c443bb9f13ab8e9c09e810276656d3a9ecf649b70ba9374ac088d6db8e40a40010724dde05db5950dfcc1e7b7b7059faefcdd2c4a0521c34
SSDEEP

24576:tR28aergLxCcjZGKCKFuTBHNWdd2HAxWnUDTJ/yS3Rh:zJaDKf4p4UD1v

Score

10^/10

rat dcrat

DCRat payload 1 IoCs

Detects payload of DCRat, commonly dropped by NSIS installers.

resource	yara_rule
sample	dcrat

Detects executables containing bas64 encoded gzip files 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_Embedded_Gzip_B64Encoded_File

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84b838dc7b84476ab2d5eb8989a6e3921d01d96810292a646563bd0e1dd9a972