General

  • Target

    Nursultan.exe

  • Size

    1.4MB

  • MD5

    1b6293c7f0dfed044b0eba8b98b0faff

  • SHA1

    e5705cbb256bb0b1a350e1b9fb71c1a1e4ac605a

  • SHA256

    fe014092ae92e8372849bed9f5cf33946e8d918bdc50feddc1316bc837414ba8

  • SHA512

    694e9afd04089172c991a712849049545459ceeed99780a6f012ca086fa2d1b70bbd627534b85b1797f4be22feda55e46e6966fe96a2ee66effdeeaa2eb650a5

  • SSDEEP

    24576:d2G/nvxW3WckpJWjXbNQsVZy8v8BQSsZWcJ48z2AB4:dbA3wvW+sVZy8fZWmz9

Score
10/10

Malware Config

Signatures

  • 44caliber family
  • DCRat payload (1 IoC)

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Nursultan.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

