dcrat | 0295fc7acaed48393649e69a4a604a682afd9fa832d6c69ba5a0ed6f15471fe4 | Triage

Submit
Reports

Overview

overview

Static

static

xlib86.exe

windows10-2004-x64

7

Sharing

General

Target

xlib86.exe
Size

624KB
Sample

250327-ra872svnt3
MD5

15d1f00d56be9a75ef838df7296fd36e
SHA1

eaecc49bebee74cd142af04ba5047acfc1c10db2
SHA256

0295fc7acaed48393649e69a4a604a682afd9fa832d6c69ba5a0ed6f15471fe4
SHA512

9f61f4350ef961b9ef29930f9fcfca0b756cb8fe1b48707b6be591cdfd71f1347996566bfb89cdb543ee39d2ad899019a7638429f340f6351d5043258933e437
SSDEEP

12288:URZ+IoG/n9IQxW3OBseUUT+tcYbga2N7O+WJu/Z9kBTdxFZA:u2G/nvxW3WieCga2LGMkLxFi

Score

10^/10

dcrat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

xlib86.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  xlib86.exe
- Size
  
  624KB
- MD5
  
  15d1f00d56be9a75ef838df7296fd36e
- SHA1
  
  eaecc49bebee74cd142af04ba5047acfc1c10db2
- SHA256
  
  0295fc7acaed48393649e69a4a604a682afd9fa832d6c69ba5a0ed6f15471fe4
- SHA512
  
  9f61f4350ef961b9ef29930f9fcfca0b756cb8fe1b48707b6be591cdfd71f1347996566bfb89cdb543ee39d2ad899019a7638429f340f6351d5043258933e437
- SSDEEP
  
  12288:URZ+IoG/n9IQxW3OBseUUT+tcYbga2N7O+WJu/Z9kBTdxFZA:u2G/nvxW3WieCga2LGMkLxFi
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy