dcrat | bb7131d57c39a57b3e35acc18093a76c932a889c592fe2843eb4065ec8b646f0 | Triage

Submit
Reports

Overview

overview

Static

static

3

DCRatBuild.exe

windows7-x64

DCRatBuild.exe

windows10-2004-x64

Sharing

General

Target

DCRatBuild.exe
Size

1.9MB
Sample

241208-aegvxswrfl
MD5

1ee8448fea979c3ecbd21141a0ea84ef
SHA1

f19958c4e816d94b10d7787ce693251d7c93a16f
SHA256

bb7131d57c39a57b3e35acc18093a76c932a889c592fe2843eb4065ec8b646f0
SHA512

941c038b15068362aec2efb174a324d88566fc7013c2659fbbee4e3f41073b9a50772b45e93a144e178c110b065369d7140fbf5c299221d301c9216066ac5ba7
SSDEEP

24576:2TbBv5rUyXVKhCwi/IrsiTqwhFplFG8P1eI8qzvJ0C0wjZ1xjzj9fIXVIgeTryO2:IBJMVXFG89X8qzhfN1xD9QXVIgeTr7iN

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

DCRatBuild.exe

Resource

win7-20240903-en

dcrat discovery infostealer rat

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

DCRatBuild.exe

Resource

win10v2004-20241007-en

dcrat discovery infostealer rat

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  DCRatBuild.exe
- Size
  
  1.9MB
- MD5
  
  1ee8448fea979c3ecbd21141a0ea84ef
- SHA1
  
  f19958c4e816d94b10d7787ce693251d7c93a16f
- SHA256
  
  bb7131d57c39a57b3e35acc18093a76c932a889c592fe2843eb4065ec8b646f0
- SHA512
  
  941c038b15068362aec2efb174a324d88566fc7013c2659fbbee4e3f41073b9a50772b45e93a144e178c110b065369d7140fbf5c299221d301c9216066ac5ba7
- SSDEEP
  
  24576:2TbBv5rUyXVKhCwi/IrsiTqwhFplFG8P1eI8qzvJ0C0wjZ1xjzj9fIXVIgeTryO2:IBJMVXFG89X8qzhfN1xD9QXVIgeTr7iN
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

behavioral2

dcratdiscoveryinfostealerrat

© 2018-2025

Terms | Privacy