Overview

overview

10

Static

static

3

assoslauncher.exe

windows7-x64

1

assoslauncher.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    assoslauncher.zip

  • Size

    28.4MB

  • Sample

    250125-a271mawrhs

  • MD5

    18b0279fdbad92641a5fc36b40291c85

  • SHA1

    63e46ff4867c888cabbec24b5932a11317f7d674

  • SHA256

    faa43159efec200d5c3591bd901f8d9aa50dd1bfa40373806cdaf72493ced1e9

  • SHA512

    e3328deb51cab38f91292a6778f7fd47184d1bc3e1aa68178341115cd47d9a018912388bf83acf7008c15aefd0fe5b91c3b27f8f6ed2fb98e06a4aae17dbacdf

  • SSDEEP

    786432:18RpS27hpC4HQQyOi5s1dJDx+sqSAqXbZz8T:1mf73CkVybidJYspZz8T

Score
10/10
dcratdiscoveryexecutioninfostealerrat

Malware Config

Targets

    • Target

      assoslauncher.exe

    • Size

      50.4MB

    • MD5

      0486c281a279ea0a7c3dea7affb2be24

    • SHA1

      dc1dcb988335619b0dfc9ebc551af0755baf198c

    • SHA256

      961a7cf69296ba62b26ccda79c98571d2c8b7f91a1223972dde8966ccf30ce2e

    • SHA512

      39a036bccaf31c289ccd22a612ae5485be149907945f5939eb0b8429f2fd1acdf25e9b95ac0ebce3d8399c04d5439989486d603073606f85be31a19346194a6f

    • SSDEEP

      786432:fMguj8Q4Vfv0qFTrYC3VLewOc8C7HL7my:fiAQIH0kHP3Ew7L7my

    Score
    10/10
    dcratdiscoveryexecutioninfostealerrat

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

      ratinfostealerdcrat

    • Dcrat family

      dcrat

    • DCRat payload

      rat

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks