General
-
Target
917953a865a54eec851b726b62e462d53e9b801d922e71bd16aea0e292a2190f
-
Size
1.3MB
-
Sample
221031-2p8vyaeger
-
MD5
81e5c52c2ec79ebb5e568a0fffe628fe
-
SHA1
b4b521fd604cfa1abc00d322e91859afc2bbef4e
-
SHA256
917953a865a54eec851b726b62e462d53e9b801d922e71bd16aea0e292a2190f
-
SHA512
2f7009461c0f3f8e8a77e044502d59476fa47a52cb2fa0a77ebc3ced1404c63217e5ed3ed2dd2adf867ec7b0a61076ac02d20fc31f02979266ec828ae71afcfb
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
917953a865a54eec851b726b62e462d53e9b801d922e71bd16aea0e292a2190f.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
917953a865a54eec851b726b62e462d53e9b801d922e71bd16aea0e292a2190f
-
Size
1.3MB
-
MD5
81e5c52c2ec79ebb5e568a0fffe628fe
-
SHA1
b4b521fd604cfa1abc00d322e91859afc2bbef4e
-
SHA256
917953a865a54eec851b726b62e462d53e9b801d922e71bd16aea0e292a2190f
-
SHA512
2f7009461c0f3f8e8a77e044502d59476fa47a52cb2fa0a77ebc3ced1404c63217e5ed3ed2dd2adf867ec7b0a61076ac02d20fc31f02979266ec828ae71afcfb
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-