General

  • Target

    3b3499bf522f78f62b3f719f7078cbaa.bin

  • Size

    2.3MB

  • MD5

    837ab38e52f2dcdc1bb500d497ba2001

  • SHA1

    4010617794601d206f0ce4e0fc53c99540ed8753

  • SHA256

    fc97fa4283d52a2bfcdfca418c45e39bc6fcd296d7494af69af64114802bb531

  • SHA512

    b9e5051028fb57a399e486e5e7eacfe8de3a208c2f7889d00eaa842cdb0b79599df3b6402690cef8ab5761c9a6f8cf8303649875863240782eda3588cd61c01b

  • SSDEEP

    49152:7CDNpbnRDsPLLQ3BqieE7ksurAkIIXf0cBQVEbBf7q2tBzV:WRFnuHQRq/VPkPUf0uTbhjtBh

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3b3499bf522f78f62b3f719f7078cbaa.bin
    .zip

    Password: infected

  • 00db2c26608e0e750b9262587d68d19dfd37e45b185a22b9438fb309ceb15cd9.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

