dcrat | a8f259ca65b6f98a38509bd2ec4a3085a7456b56e48aa94a41a6a614e288cb31 | Triage

Submit
Reports

Overview

overview

Static

static

3

Exlipse (i...d).zip

windows10-2004-x64

Sharing

General

Target

Exlipse (infected).zip
Size

100.9MB
Sample

241128-31x39avqdx
MD5

5286f8c034c1db39ae9467d8e6350d42
SHA1

15ced3f188a84b8d3f7f4b6f48935463f872b071
SHA256

a8f259ca65b6f98a38509bd2ec4a3085a7456b56e48aa94a41a6a614e288cb31
SHA512

0e895b23ea0a50b05b9a473313ad4edef12666574e30a8394ddd3d86eebb77c5b702a15be52a87578697378a43562b97cb0ff694414c54fff15be6df707f8e25
SSDEEP

3145728:leY0gVWyNixl7m5Omfs9fdn0MFRSGrlOWNMoadPo:lesKxla0rn0MFRSGU0MM

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Exlipse (infected).zip

Resource

win10v2004-20241007-en

dcrat discovery infostealer rat

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Exlipse (infected).zip
- Size
  
  100.9MB
- MD5
  
  5286f8c034c1db39ae9467d8e6350d42
- SHA1
  
  15ced3f188a84b8d3f7f4b6f48935463f872b071
- SHA256
  
  a8f259ca65b6f98a38509bd2ec4a3085a7456b56e48aa94a41a6a614e288cb31
- SHA512
  
  0e895b23ea0a50b05b9a473313ad4edef12666574e30a8394ddd3d86eebb77c5b702a15be52a87578697378a43562b97cb0ff694414c54fff15be6df707f8e25
- SSDEEP
  
  3145728:leY0gVWyNixl7m5Omfs9fdn0MFRSGrlOWNMoadPo:lesKxla0rn0MFRSGU0MM
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

© 2018-2024

Terms | Privacy