General
-
Target
00a927029c3a5c6326e14092255afbf8ad5c86b063f786306decfaf549337083
-
Size
1.3MB
-
Sample
221031-1w5anaedcj
-
MD5
0d06176f1e465331ce8cdc6419195b3f
-
SHA1
e2cce4f536a1895567f33a0a21f63d04c02422b3
-
SHA256
00a927029c3a5c6326e14092255afbf8ad5c86b063f786306decfaf549337083
-
SHA512
37ba3ecf512ca996bf9eee8d9011cc0df007561a65b1edb080c77c0d87b2de376c126bcbc94fd9d46eb176ed6eac6021b49471a69daaf229dfee196418e5aea5
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
00a927029c3a5c6326e14092255afbf8ad5c86b063f786306decfaf549337083.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
00a927029c3a5c6326e14092255afbf8ad5c86b063f786306decfaf549337083
-
Size
1.3MB
-
MD5
0d06176f1e465331ce8cdc6419195b3f
-
SHA1
e2cce4f536a1895567f33a0a21f63d04c02422b3
-
SHA256
00a927029c3a5c6326e14092255afbf8ad5c86b063f786306decfaf549337083
-
SHA512
37ba3ecf512ca996bf9eee8d9011cc0df007561a65b1edb080c77c0d87b2de376c126bcbc94fd9d46eb176ed6eac6021b49471a69daaf229dfee196418e5aea5
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-