dcrat | 74b9b6e1e63cca5ba910a43e796597efd689675c01128a9ac26a6cd7e297766f | Triage

Submit
Reports

Overview

overview

Static

static

1

Fatality.rar

windows7-x64

Fatality.rar

windows10-2004-x64

1

Sharing

General

Target

Fatality.rar
Size

19.9MB
Sample

241217-3wcxhsvkdr
MD5

b60d035b8bedec4e63eb8b3426e43bfb
SHA1

463be6fb7f77f5894ae6b667ffef26df31410b3b
SHA256

74b9b6e1e63cca5ba910a43e796597efd689675c01128a9ac26a6cd7e297766f
SHA512

0ba5c1c2796d2e747090850df1444e0ed083ad7f90604f86e13e36e05c8f54f407e5b85ab5b3115bb03f7060b3eedaabfc2955ee9ad6746d6e8a7ed2435792d0
SSDEEP

393216:q3OBj0xeAiZ2gQOMwrIoHVZaYVMRInHuNJ6gUS6+YxxthVvckj58/frFdwCgGmMr:+OBox2bMgPH/aYqRInHuNJ6zLNxzvckW

Score

10^/10

dcrat discovery evasion infostealer rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

Fatality.rar

Resource

win7-20240903-en

dcrat discovery evasion infostealer rat trojan

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

Fatality.rar

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  Fatality.rar
- Size
  
  19.9MB
- MD5
  
  b60d035b8bedec4e63eb8b3426e43bfb
- SHA1
  
  463be6fb7f77f5894ae6b667ffef26df31410b3b
- SHA256
  
  74b9b6e1e63cca5ba910a43e796597efd689675c01128a9ac26a6cd7e297766f
- SHA512
  
  0ba5c1c2796d2e747090850df1444e0ed083ad7f90604f86e13e36e05c8f54f407e5b85ab5b3115bb03f7060b3eedaabfc2955ee9ad6746d6e8a7ed2435792d0
- SSDEEP
  
  393216:q3OBj0xeAiZ2gQOMwrIoHVZaYVMRInHuNJ6gUS6+YxxthVvckj58/frFdwCgGmMr:+OBox2bMgPH/aYqRInHuNJ6zLNxzvckW
Score

10^/10

dcrat discovery evasion infostealer rat trojan
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryevasioninfostealerrattrojan

behavioral2

© 2018-2025

Terms | Privacy