dcrat | 556e1b95814a2ff15e3f1962a682b2bdf4f72d8c11bf695af6de878d0b676a61 | Triage

Submit
Reports

Overview

overview

Static

static

UX-V2.0.exe

windows10-2004-x64

UX-V2.0.exe

windows11-21h2-x64

Sharing

General

Target

UX-V2.0.exe
Size

2.0MB
Sample

241105-zwxp5syhqn
MD5

f31b33519b8577316db68baa8203b60c
SHA1

8273e7ebdf5b3d25ff15e8d7e56f8b066da0af4b
SHA256

556e1b95814a2ff15e3f1962a682b2bdf4f72d8c11bf695af6de878d0b676a61
SHA512

831f8a5a1a707b3e50b814f43d87c228ad818e0cc7683800a65e0ff0052a6c98492a3f3b2669d5a9495c7687e0a96793ae33b2f24b76e4c671590c982fb987dd
SSDEEP

49152:ubA3j7CUI8pGiQagogtpnJCL1pGKd+N1ewYw:ubQ7I88ALaJCL1HdI1Yw

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

UX-V2.0.exe

Resource

win10v2004-20241007-en

dcrat discovery infostealer rat

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

UX-V2.0.exe

Resource

win11-20241007-en

dcrat discovery infostealer rat

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  UX-V2.0.exe
- Size
  
  2.0MB
- MD5
  
  f31b33519b8577316db68baa8203b60c
- SHA1
  
  8273e7ebdf5b3d25ff15e8d7e56f8b066da0af4b
- SHA256
  
  556e1b95814a2ff15e3f1962a682b2bdf4f72d8c11bf695af6de878d0b676a61
- SHA512
  
  831f8a5a1a707b3e50b814f43d87c228ad818e0cc7683800a65e0ff0052a6c98492a3f3b2669d5a9495c7687e0a96793ae33b2f24b76e4c671590c982fb987dd
- SSDEEP
  
  49152:ubA3j7CUI8pGiQagogtpnJCL1pGKd+N1ewYw:ubQ7I88ALaJCL1HdI1Yw
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

behavioral2

dcratdiscoveryinfostealerrat

© 2018-2024

Terms | Privacy