dcrat | 65a8ab01e1bfab4662803c2635464cbd63355a25aab09fc2cc4846bc8af533ab | Triage

Submit
Reports

Overview

overview

Static

static

FarmBot Pr...ed).7z

windows10-2004-x64

Sharing

General

Target

FarmBot Premium [v0.1.1] (infected).7z
Size

9.2MB
Sample

250121-bddybaykav
MD5

5d913ab61c638631308da3bf82ac0cfe
SHA1

b1db27d57e5fd4b3b2068683b5ca2cd4200d8c4e
SHA256

65a8ab01e1bfab4662803c2635464cbd63355a25aab09fc2cc4846bc8af533ab
SHA512

19f4a3b219ea5004299fba2314bed7b91290711f21bdb6a9f18669558c9120daa62b117b4dda1a1322e16a67f9bb03daadbd96e79b1eb045631b2e8e30fc4559
SSDEEP

196608:2ZzPDY5Y4/3aWz2cEM7GL/qhj9hyGLX8mOMduBWz8:2t7Bm3aWAIrh7HLX8MHz8

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

FarmBot Premium [v0.1.1] (infected).7z

Resource

win10v2004-20241007-en

dcrat discovery infostealer rat

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  FarmBot Premium [v0.1.1] (infected).7z
- Size
  
  9.2MB
- MD5
  
  5d913ab61c638631308da3bf82ac0cfe
- SHA1
  
  b1db27d57e5fd4b3b2068683b5ca2cd4200d8c4e
- SHA256
  
  65a8ab01e1bfab4662803c2635464cbd63355a25aab09fc2cc4846bc8af533ab
- SHA512
  
  19f4a3b219ea5004299fba2314bed7b91290711f21bdb6a9f18669558c9120daa62b117b4dda1a1322e16a67f9bb03daadbd96e79b1eb045631b2e8e30fc4559
- SSDEEP
  
  196608:2ZzPDY5Y4/3aWz2cEM7GL/qhj9hyGLX8mOMduBWz8:2t7Bm3aWAIrh7HLX8MHz8
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- DCRat payload
  Detects payload of DCRat, commonly dropped by NSIS installers.
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

© 2018-2025

Terms | Privacy