dcrat | d7b59ed6536dbccd08c10abf5c2064babac20666844909cf1fa94ce9159eb454 | Triage

Submit
Reports

Overview

overview

Static

static

3

d7b59ed653...54.exe

windows7-x64

d7b59ed653...54.exe

windows10-2004-x64

Sharing

General

Target

d7b59ed6536dbccd08c10abf5c2064babac20666844909cf1fa94ce9159eb454.exe
Size

1.9MB
Sample

250130-d6snaawqcp
MD5

b8ec608361912ca3c3eee53a31d482a3
SHA1

1c48c9d1e58f98fb778bebe88950350e12705070
SHA256

d7b59ed6536dbccd08c10abf5c2064babac20666844909cf1fa94ce9159eb454
SHA512

442b548d094852b95695eca27f2a2e26acbb71b85a45ce8c17a192a10506076f7bb88216ab38790218e403b4305b84572b33de826623cf68a9a65abc87287bf6
SSDEEP

24576:MYAO3n8MjQTrnPQt62BYDA4yaOBGz62J8KROioT8t/ksGKQhum8dCVrHECa0WOID:MYrn7bT4yaOBu8KRON6JGKU7WOL

Score

10^/10

dcrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d7b59ed6536dbccd08c10abf5c2064babac20666844909cf1fa94ce9159eb454.exe

Resource

win7-20240708-en

dcrat discovery infostealer rat

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

d7b59ed6536dbccd08c10abf5c2064babac20666844909cf1fa94ce9159eb454.exe

Resource

win10v2004-20250129-en

dcrat discovery infostealer rat

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  d7b59ed6536dbccd08c10abf5c2064babac20666844909cf1fa94ce9159eb454.exe
- Size
  
  1.9MB
- MD5
  
  b8ec608361912ca3c3eee53a31d482a3
- SHA1
  
  1c48c9d1e58f98fb778bebe88950350e12705070
- SHA256
  
  d7b59ed6536dbccd08c10abf5c2064babac20666844909cf1fa94ce9159eb454
- SHA512
  
  442b548d094852b95695eca27f2a2e26acbb71b85a45ce8c17a192a10506076f7bb88216ab38790218e403b4305b84572b33de826623cf68a9a65abc87287bf6
- SSDEEP
  
  24576:MYAO3n8MjQTrnPQt62BYDA4yaOBGz62J8KROioT8t/ksGKQhum8dCVrHECa0WOID:MYrn7bT4yaOBu8KRON6JGKU7WOL
Score

10^/10

dcrat discovery infostealer rat
- DcRat
  DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
  rat infostealer dcrat
- Dcrat family
  dcrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dcratdiscoveryinfostealerrat

behavioral2

dcratdiscoveryinfostealerrat

© 2018-2025

Terms | Privacy