General

  • Target

    atlx.zip

  • Size

    2.9MB

  • MD5

    c17d029a39ca9cffeb726415a28524e9

  • SHA1

    7b5a1bb512c90cb78368765f8b177daf51e493a8

  • SHA256

    c8ea017dcccf11517e1f3c2f010b01080e3f55455df7e63f2bba31ebe03d7a94

  • SHA512

    b0cabc829b59bab10a69fb5d2bce072d16729fcc634b7b18280e4b46ba40c119f61d876da5d3793b64b1e3a0df124ff3518f5d0eb06354923ec9b19aae76dab3

  • SSDEEP

    49152:YRSF0FvMQ2BYl0jip7z4Qi0fKVEK2M0UFhCZfaZluv1y8x2I9hr5mmq+:v0FvMQ2BUbp9MhFEZyqo62IVmml

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • atlx.zip
    .zip

    Password: atlx

  • atlx/Avtronu.exe
    .exe windows:5 windows x86 arch:x86

    Password: atlx

    fcf1390e9ce472c7270447fc5c61a0c1

