General

  • Target

    f2cd1adcdc5a3323349e4a895c46757c9e6e2fd236ece39f626652b9d6c6852a

  • Size

    1.3MB

  • MD5

    8280cb6ac53053d79d6f7bfd8f2a8e1c

  • SHA1

    66efe323d130e16f09663cdef98fb30ee0826d86

  • SHA256

    f2cd1adcdc5a3323349e4a895c46757c9e6e2fd236ece39f626652b9d6c6852a

  • SHA512

    f2ec8d2a7e470b557e08e970d92eb0c72e1e0cbf21fff721d79c5335cacbe72c17fa101746b610652137ebe05bf4a517e366d158c2b38675ec6f4faed67a1979

  • SSDEEP

    24576:MBdS2G/nvxW3Ww0t/m6J//tI7YqnruAP3MkK6mZd4:idSbA30/m64YAWbd4

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Detect Xworm Payload 1 IoCs
  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Detects executables using Telegram Chat Bot 1 IoCs
  • Njrat family
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f2cd1adcdc5a3323349e4a895c46757c9e6e2fd236ece39f626652b9d6c6852a
    .exe windows:4 windows x86 arch:x86

