General

  • Target

    Nursultan.exe

  • Size

    1.5MB

  • MD5

    4fb7892e812484f7da78dc9841581b19

  • SHA1

    618393c55273aae8107c2019a8f9a7e1f762b2d9

  • SHA256

    b9de413f47d732c1c909de90d3fd40fe5a0be4ed33846a5092aab934a178363c

  • SHA512

    24e924c2830070f0dc741f8377ddabde61db2b2a97068de167500b38d8dc89f8294c580409336821aec501a35b33df8b8d833b7a4bbb0733a78f333ae5b25129

  • SSDEEP

    24576:U2G/nvxW3Ww0tzACdNBrIW7w/eF+IwBtuEW9qlhSxfUx80M:UbA30zACdh7O5uBp/

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Nursultan.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1

