General
-
Target
020c2c7854fb5cb272cae8f51231293907ff8b269df7346e5ae663c9a2b0f959
-
Size
1.3MB
-
Sample
221031-13877aedhr
-
MD5
5b2b16e2e2521da42acec94ca99cc027
-
SHA1
4aefed2c467a87cf19df0997c9676824cef8777a
-
SHA256
020c2c7854fb5cb272cae8f51231293907ff8b269df7346e5ae663c9a2b0f959
-
SHA512
ed2a158aacf23c1637939937cea6d6e3521036356c643c5b351e850f9d60584a8935423c2f2b61f4532d44ab8ceac7cd9fe41190e8433c7462d373db55b32eef
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
020c2c7854fb5cb272cae8f51231293907ff8b269df7346e5ae663c9a2b0f959.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
020c2c7854fb5cb272cae8f51231293907ff8b269df7346e5ae663c9a2b0f959
-
Size
1.3MB
-
MD5
5b2b16e2e2521da42acec94ca99cc027
-
SHA1
4aefed2c467a87cf19df0997c9676824cef8777a
-
SHA256
020c2c7854fb5cb272cae8f51231293907ff8b269df7346e5ae663c9a2b0f959
-
SHA512
ed2a158aacf23c1637939937cea6d6e3521036356c643c5b351e850f9d60584a8935423c2f2b61f4532d44ab8ceac7cd9fe41190e8433c7462d373db55b32eef
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-