dcrat | 628e668b234ae912b337b5ed8a9edb0baf44c6f2f0a297c1e6fc354262a37bad | Triage

Submit
Reports

Overview

overview

Static

static

3

Zoraraclear.exe

windows10-ltsc 2021-x64

Sharing

General

Target

Zoraraclear.exe
Size

3.0MB
Sample

241207-slzy7awlfz
MD5

2bbcb2eb310ae73cd05c024afee324fb
SHA1

4d477371119a135e2c9e65ada34547afe65347a5
SHA256

628e668b234ae912b337b5ed8a9edb0baf44c6f2f0a297c1e6fc354262a37bad
SHA512

704a49e72fe03db76ec71e68b8309d3ad2c1c5e4b2042c68dbb383dc5502ebc5e96eb12b83c79cdcfbf1a8ebb04ffb11670628a1cb0bb49ebc617044ca5679be
SSDEEP

49152:SBJo0KE3fGUa/34OEOnhHLe7kSb+e39EP9Xe7inp7xLXzslyoDs:EC0KIGUaPh5ySP9Xe7qRxLjslFA

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Zoraraclear.exe

Resource

win10ltsc2021-20241023-en

dcrat discovery infostealer rat

windows10-ltsc 2021-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Zoraraclear.exe
- Size
  
  3.0MB
- MD5
  
  2bbcb2eb310ae73cd05c024afee324fb
- SHA1
  
  4d477371119a135e2c9e65ada34547afe65347a5
- SHA256
  
  628e668b234ae912b337b5ed8a9edb0baf44c6f2f0a297c1e6fc354262a37bad
- SHA512
  
  704a49e72fe03db76ec71e68b8309d3ad2c1c5e4b2042c68dbb383dc5502ebc5e96eb12b83c79cdcfbf1a8ebb04ffb11670628a1cb0bb49ebc617044ca5679be
- SSDEEP
  
  49152:SBJo0KE3fGUa/34OEOnhHLe7kSb+e39EP9Xe7inp7xLXzslyoDs:EC0KIGUaPh5ySP9Xe7qRxLjslFA
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

© 2018-2025

Terms | Privacy