General
-
Target
795cb79660ab86c9b5d1c28557f1b08fb216bae54c7cd5fe92d1a050f52e7300
-
Size
1.3MB
-
Sample
221031-132hcadeg8
-
MD5
f0b9fb5171b954a2273755b7bdc4c19a
-
SHA1
19b74010de267b72f19c1188120fb9d5ef7679c2
-
SHA256
795cb79660ab86c9b5d1c28557f1b08fb216bae54c7cd5fe92d1a050f52e7300
-
SHA512
9e4afb58c09e3c54e22cb087b299a185e55b327f28d2bf73aca6e1ecc5c414a1133daff0d6edc5f6b16f6effd1a10b046cc83b502dc88e22e61738b8cfef04fc
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
795cb79660ab86c9b5d1c28557f1b08fb216bae54c7cd5fe92d1a050f52e7300.exe
Resource
win10-20220812-en
Malware Config
Targets
Score
10/10
-
DcRat
DarkCrystal (DC) is a new .NET RAT, active since June 2019, capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-