General

  • Target

    dcrat2023.zip

  • Size

    68.0MB

  • MD5

    cfd5b5fe15a7ed79148b1d20be472753

  • SHA1

    2b45609b054e75118920af603e785ef7e56a0764

  • SHA256

    09dfe7632e81c5cffb637547687247c5ec8c7b74cf595158d663f769b82cdc09

  • SHA512

    8c5a4498bc7f5802b2341128f68c603c86b839abf85e0ee82b9c3d089eafc9f5c211de6f3a897b69575c2dea1d7599624248d04b0ff5540a9a26e9ce46b5ab2e

  • SSDEEP

    1572864:y9B9qefYWvFxXgdU0H+pjnGHAdrRxk8brBK2Ph:ykeg8F9gjepLG0rU4r00h

Score
10/10

Malware Config

Signatures

  • Asyncrat family
  • Unsigned PE (26 IoCs)

    Checks for missing Authenticode signature.

Files

  • dcrat2023.zip
    .zip
  • Release/BackupCertificate.zip
    .zip
  • ServerCertificate.p12
  • Release/Client.ini
  • Release/DcRat.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • Release/DcRat.exe.config
    .xml
  • Release/Plugins/Audio.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Audio.pdb
  • Release/Plugins/Chat.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Chat.pdb
  • Release/Plugins/Extra.dll
    .dll .ps1 windows:4 windows x86 arch:x86 polyglot

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Extra.pdb
  • Release/Plugins/FileManager.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/FileManager.pdb
  • Release/Plugins/FileSearcher.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/FileSearcher.pdb
  • Release/Plugins/Fun.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Fun.pdb
  • Release/Plugins/Information.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Information.pdb
  • Release/Plugins/Keylogger.exe.config
    .xml
  • Release/Plugins/Keylogger.pdb
  • Release/Plugins/Logger.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Logger.pdb
  • Release/Plugins/MessagePackLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/MessagePackLib.pdb
  • Release/Plugins/Miscellaneous.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Miscellaneous.pdb
  • Release/Plugins/Netstat.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Netstat.pdb
  • Release/Plugins/Options.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/ProcessManager.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/ProcessManager.pdb
  • Release/Plugins/Ransomware.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Ransomware.pdb
  • Release/Plugins/Recovery.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Recovery.pdb
  • Release/Plugins/Regedit.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/Regedit.pdb
  • Release/Plugins/RemoteCamera.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/RemoteCamera.pdb
  • Release/Plugins/RemoteDesktop.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/RemoteDesktop.pdb
  • Release/Plugins/ReverseProxy.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/ReverseProxy.pdb
  • Release/Plugins/SendFile.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/SendFile.pdb
  • Release/Plugins/SendMemory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Release/Plugins/SendMemory.pdb
  • Release/Plugins/ip2region.db
  • Release/ServerCertificate.p12
  • Release/Stub/Client.exe
    .exe windows:4 windows x86 arch:x86

    e5190c5e183d406cdd77111381b80c0e


  • Release/Stub/Client.exe.config
    .xml
  • Release/Stub/Client.pdb
  • Release/Stub/Loader.dat
  • Release/Stub/Loader.exp
  • Release/Stub/Loader.lib
  • Release/Styles/Office2013.dll
    .dll windows:4 windows x86 arch:x86


  • Release/Styles/Office2016.dll
    .dll windows:4 windows x86 arch:x86


  • Release/Tools/MSTSCAX.DLL
    .dll regsvr32 windows:5 windows x86 arch:x86

    f4f9ea2971d7855283ab7cbcf0ce7925


  • Release/Tools/QQwry.dat
  • Release/Tools/Xvid¼Ƶ.exe
    .exe windows:4 windows x86 arch:x86

    e5190c5e183d406cdd77111381b80c0e


  • Release/Tools/abc.zip
    .zip
  • abc.exe
    .exe windows:6 windows x86 arch:x86


  • Release/Tools/mstsc.exe
    .exe windows:4 windows x86 arch:x86

    e5190c5e183d406cdd77111381b80c0e


  • Release/output/pypass_shellcode.binloader.cs
    .ps1