dcrat | 870cd80a419c1b2b24b3cef28291bba2155ebee9a34d7e100ea822a127458069 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

RecentFiler-tools.exe

windows10-2004-x64

Resubmissions

13/01/2025, 04:31 UTC

250113-e5lzsawkgv 10

12/01/2025, 16:28 UTC

250112-tyzpmaslhj 10

Sharing

General

Target

RecentFiler-tools.exe
Size

3.8MB
Sample

250112-tyzpmaslhj
MD5

ee83fe3104070859f841afb7af5cbfff
SHA1

3847b3459fca7aec48f5711bedf807a98b845808
SHA256

870cd80a419c1b2b24b3cef28291bba2155ebee9a34d7e100ea822a127458069
SHA512

95fa3e41197443f65dd323445fb615702af73e72e9f8b5cacda5d9eebb94bb60310a87ac4d5d3ea079f536c4dfa194dc8912ab59a968f41c836a5b2a26790ea8
SSDEEP

98304:ymjQg7O4z4P0bk/WgCMZcX08aj5nOq4EniheBXX:XjQga40Mb8WgCOcX0Vj5nv4Eihy

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

RecentFiler-tools.exe

Resource

win10v2004-20241007-en

dcrat discovery infostealer rat

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  RecentFiler-tools.exe
- Size
  
  3.8MB
- MD5
  
  ee83fe3104070859f841afb7af5cbfff
- SHA1
  
  3847b3459fca7aec48f5711bedf807a98b845808
- SHA256
  
  870cd80a419c1b2b24b3cef28291bba2155ebee9a34d7e100ea822a127458069
- SHA512
  
  95fa3e41197443f65dd323445fb615702af73e72e9f8b5cacda5d9eebb94bb60310a87ac4d5d3ea079f536c4dfa194dc8912ab59a968f41c836a5b2a26790ea8
- SSDEEP
  
  98304:ymjQg7O4z4P0bk/WgCMZcX08aj5nOq4EniheBXX:XjQga40Mb8WgCOcX0Vj5nv4Eihy
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.