Overview

overview

10

Static

static

3

Echo test.exe

windows7-x64

10

Echo test.exe

windows10-2004-x64

10

Resubmissions

13-01-2025 13:56

250113-q81swswqcp 10

13-01-2025 13:53

250113-q64rrswpgm 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Echo test.exe

  • Size

    3.8MB

  • Sample

    250113-q64rrswpgm

  • MD5

    a6055484fbf56a8cfe6a8ce1ad5fe91c

  • SHA1

    5e159ecd3265c619dcaae0dbdfaa71fa0533c6f6

  • SHA256

    7a2e63f7601af70c3660110cd7d0967d909b2c5ad2ab3bdf834c85d900fe5c94

  • SHA512

    6f0dc67e4c14b34cc000e3ad1886f4586d02bba55f5ae8f7ae46eb7269f9603b9120ffe7053fc2cfd91ee3f2f6eb250a47e6cad53e73cbe9e637cfc6f9f847f7

  • SSDEEP

    98304:yTApDs2KOw0axITDx00qlvqZpXSfU7dFDSfJtMKSGM:Cp2Kf0ZTDx0z88fUdEIKSGM

Score
10/10
dcratdiscoveryinfostealerrat

Malware Config

Targets

    • Target

      Echo test.exe

    • Size

      3.8MB

    • MD5

      a6055484fbf56a8cfe6a8ce1ad5fe91c

    • SHA1

      5e159ecd3265c619dcaae0dbdfaa71fa0533c6f6

    • SHA256

      7a2e63f7601af70c3660110cd7d0967d909b2c5ad2ab3bdf834c85d900fe5c94

    • SHA512

      6f0dc67e4c14b34cc000e3ad1886f4586d02bba55f5ae8f7ae46eb7269f9603b9120ffe7053fc2cfd91ee3f2f6eb250a47e6cad53e73cbe9e637cfc6f9f847f7

    • SSDEEP

      98304:yTApDs2KOw0axITDx00qlvqZpXSfU7dFDSfJtMKSGM:Cp2Kf0ZTDx0z88fUdEIKSGM

    Score
    10/10
    dcratdiscoveryinfostealerrat

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

      ratinfostealerdcrat

    • Dcrat family

      dcrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks