General
-
Target
76980ec8e1d74ef535dedf4a56502feeeb80050e56df7254d0baf3dc1287a293
-
Size
1.3MB
-
Sample
221031-1vfkxaedak
-
MD5
3b66a309a7e98597d7a951411ef39a1e
-
SHA1
69bc7aed87a699d53e9fdfcc94974d6d61961e0c
-
SHA256
76980ec8e1d74ef535dedf4a56502feeeb80050e56df7254d0baf3dc1287a293
-
SHA512
8c0295034603005c4698527d930094be924935624dd1e4479e5bf8032021c97acbdd86b660af745ccc1faf6a03190bcc87990af732d3ecfbe08a870e640674f9
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
76980ec8e1d74ef535dedf4a56502feeeb80050e56df7254d0baf3dc1287a293.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
76980ec8e1d74ef535dedf4a56502feeeb80050e56df7254d0baf3dc1287a293
-
Size
1.3MB
-
MD5
3b66a309a7e98597d7a951411ef39a1e
-
SHA1
69bc7aed87a699d53e9fdfcc94974d6d61961e0c
-
SHA256
76980ec8e1d74ef535dedf4a56502feeeb80050e56df7254d0baf3dc1287a293
-
SHA512
8c0295034603005c4698527d930094be924935624dd1e4479e5bf8032021c97acbdd86b660af745ccc1faf6a03190bcc87990af732d3ecfbe08a870e640674f9
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-