General
-
Target
00f502d340e83e32d0ccc3bc2244c508349f892d77df171dead95613d5bca26c
-
Size
1.3MB
-
Sample
221031-2r5ajaeggn
-
MD5
680bf02e654cceb547c8994600abb2d1
-
SHA1
a7397e28147dd7012cc7de4be2c1a55ef0013c09
-
SHA256
00f502d340e83e32d0ccc3bc2244c508349f892d77df171dead95613d5bca26c
-
SHA512
04679eaa9b238ab12ffd5eeb89a965cd4adea644ee53a5fea74d0255cf6ed60ea4dd6f9797c81f4354974f899ddba2f4d5a7132229419e79bdb97dd282bb6b26
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
00f502d340e83e32d0ccc3bc2244c508349f892d77df171dead95613d5bca26c.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
00f502d340e83e32d0ccc3bc2244c508349f892d77df171dead95613d5bca26c
-
Size
1.3MB
-
MD5
680bf02e654cceb547c8994600abb2d1
-
SHA1
a7397e28147dd7012cc7de4be2c1a55ef0013c09
-
SHA256
00f502d340e83e32d0ccc3bc2244c508349f892d77df171dead95613d5bca26c
-
SHA512
04679eaa9b238ab12ffd5eeb89a965cd4adea644ee53a5fea74d0255cf6ed60ea4dd6f9797c81f4354974f899ddba2f4d5a7132229419e79bdb97dd282bb6b26
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-