General
-
Target
8067b18f35f1408759ffeebba8de82ebde46d578d15dcc1ac63ad9c5942bfe75
-
Size
1.3MB
-
Sample
221031-15nn9sdfa4
-
MD5
e3d73bad0715fdcc4d6fe0130270af0d
-
SHA1
80158491fbb4561c70d6795da05183edab198ae9
-
SHA256
8067b18f35f1408759ffeebba8de82ebde46d578d15dcc1ac63ad9c5942bfe75
-
SHA512
7d3052d82b540281bc013dbc52f082c01f64805f1713b61b37afa4f8a8eae5003eb09460b3feb1d75fbb1d97f8fd96aa2552b010a715aff3d3b4d68511203986
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
8067b18f35f1408759ffeebba8de82ebde46d578d15dcc1ac63ad9c5942bfe75.exe
Resource
win10-20220901-en
Malware Config
Targets
-
-
Target
8067b18f35f1408759ffeebba8de82ebde46d578d15dcc1ac63ad9c5942bfe75
-
Size
1.3MB
-
MD5
e3d73bad0715fdcc4d6fe0130270af0d
-
SHA1
80158491fbb4561c70d6795da05183edab198ae9
-
SHA256
8067b18f35f1408759ffeebba8de82ebde46d578d15dcc1ac63ad9c5942bfe75
-
SHA512
7d3052d82b540281bc013dbc52f082c01f64805f1713b61b37afa4f8a8eae5003eb09460b3feb1d75fbb1d97f8fd96aa2552b010a715aff3d3b4d68511203986
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-