General

  • Target

    fab1001a7271caa76ddcb934ff2668bdc1f5e044a7065b7c143c429c98aba056

  • Size

    2.0MB

  • MD5

    96373b1a9080aa751b5a98fc96cfb66c

  • SHA1

    17436af89fdf67d4c60416b7bccda9f6cb3cd490

  • SHA256

    fab1001a7271caa76ddcb934ff2668bdc1f5e044a7065b7c143c429c98aba056

  • SHA512

    4cacede2b67488e46c978cbd1956ed4c0b0c1657bdd3e9b9a80203bb1175fb0b2aceadd8dbedef331332d578191620435e9561b56db420b28b767ba2dfdc9f79

  • SSDEEP

    24576:0n2XTCHM4xT9V3XzsHhVmatCELYIXVelAtgbHHd:iaTUv0jmtEttc

Score
10/10

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Detects executables containing base64 encoded gzip files 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fab1001a7271caa76ddcb934ff2668bdc1f5e044a7065b7c143c429c98aba056
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

