dcrat | a3640a10bd29bfb75eb0ee385cb7233ae19c34e0eebae32da2ae168529c2d9fc | Triage

Submit
Reports

Overview

overview

Static

static

ioqjwd.exe

windows7-x64

ioqjwd.exe

windows10-2004-x64

Sharing

General

Target

ioqjwd.exe
Size

1.8MB
Sample

241027-nas92svkcr
MD5

67d57fb4c4b81fe4c7acab9aeae02956
SHA1

da16779ad85db8289b6ec67f6c5a5e9aa1dd418a
SHA256

a3640a10bd29bfb75eb0ee385cb7233ae19c34e0eebae32da2ae168529c2d9fc
SHA512

b0bb6569e918de32963d58e87ca8f4effdefa72645a4cb64fe621866dfb4ccbc95a89155c1c304f52557530f419bb20daa1e6d1195670e15d538a69865006678
SSDEEP

49152:ubA3j3+MhlRGll+heg+Hx9IWZTw40/SyD:ubwR5eZ9Igw40qw

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ioqjwd.exe

Resource

win7-20240708-en

dcrat discovery infostealer rat

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ioqjwd.exe

Resource

win10v2004-20241007-en

dcrat discovery infostealer rat

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ioqjwd.exe
- Size
  
  1.8MB
- MD5
  
  67d57fb4c4b81fe4c7acab9aeae02956
- SHA1
  
  da16779ad85db8289b6ec67f6c5a5e9aa1dd418a
- SHA256
  
  a3640a10bd29bfb75eb0ee385cb7233ae19c34e0eebae32da2ae168529c2d9fc
- SHA512
  
  b0bb6569e918de32963d58e87ca8f4effdefa72645a4cb64fe621866dfb4ccbc95a89155c1c304f52557530f419bb20daa1e6d1195670e15d538a69865006678
- SSDEEP
  
  49152:ubA3j3+MhlRGll+heg+Hx9IWZTw40/SyD:ubwR5eZ9Igw40qw
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

behavioral2

dcratdiscoveryinfostealerrat

© 2018-2025

Terms | Privacy