← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
ThreatFox Hunt: DCRat IOCs - 2025-12-29
WHITE pduggusa 2025-12-29 Modified: 2026-01-28
11
IOCs
MEDIUM VOLUME
Automated ThreatFox hunt for DCRat indicators. 17 IOCs collected via Pattern 49 intelligence streaming. MITRE ATT&CK: T1071.001, T1059.001, T1219, T1056.001. Reference: https://analytics.dugganusa.com
dcratthreatfoxautomated-huntpattern-49dugganusacommodity-rat
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
DCRat
Indicators of Compromise (11)
All domain hostname FileHash-SHA256 FileHash-MD5
TYPEINDICATORDESCRIPTIONCREATED
domain svis.in.net DCRat botnet_cc - ThreatFox ID: 1687207 2025-12-29
hostname yhlgut.za.com DCRat botnet_cc - ThreatFox ID: 1687208 2025-12-29
hostname name.sa.com DCRat botnet_cc - ThreatFox ID: 1687524 2025-12-29
FileHash-SHA256 11c1cfce546980287e7d3440033191844b5e5e321052d685f4c9ee49937fa688 DCRat payload - ThreatFox ID: 1687685 2025-12-29
FileHash-MD5 55ddf603015e60558debfd07390f4c17 DCRat payload - ThreatFox ID: 1687686 2025-12-29
FileHash-SHA256 6bd31dfd36ce82e588f37a9ad233c022e0a87b132dc01b93ebbab05b57e5defd DCRat payload - ThreatFox ID: 1687688 2025-12-29
FileHash-MD5 6c3cef3ea655f113fdbfab3b80f87ad6 DCRat payload - ThreatFox ID: 1687689 2025-12-29
domain reelshare.in.net DCRat botnet_cc - ThreatFox ID: 1687918 2025-12-29
hostname www.la-beaute.jp.net DCRat botnet_cc - ThreatFox ID: 1687919 2025-12-29
hostname part.ru.com DCRat botnet_cc - ThreatFox ID: 1687920 2025-12-29
hostname twitch.za.com DCRat botnet_cc - ThreatFox ID: 1687921 2025-12-29
References (2)
↗ https://analytics.dugganusa.com/api/v1/stix-feed/v2 ↗ https://threatfox.abuse.ch