General
-
Target
2cedc4963fd4ea204ba1dd2de0d48fe58c7ef2e0667826d13a198ebf07caecdc
-
Size
1.3MB
-
Sample
221031-2rd4caegfn
-
MD5
a39f8c217d90a8fa67d1dda6f097208b
-
SHA1
686b58b9f9d2a8a9ea931087a5252a881a670c69
-
SHA256
2cedc4963fd4ea204ba1dd2de0d48fe58c7ef2e0667826d13a198ebf07caecdc
-
SHA512
815ce22afdcc752953d6558e196a5e0c3c797ff91457880d5edfabe0ab81344f1e89675aa568402a60c31dd06b33a3987e1eaaf337aed1f8896b75673bd2035f
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
2cedc4963fd4ea204ba1dd2de0d48fe58c7ef2e0667826d13a198ebf07caecdc.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
2cedc4963fd4ea204ba1dd2de0d48fe58c7ef2e0667826d13a198ebf07caecdc
-
Size
1.3MB
-
MD5
a39f8c217d90a8fa67d1dda6f097208b
-
SHA1
686b58b9f9d2a8a9ea931087a5252a881a670c69
-
SHA256
2cedc4963fd4ea204ba1dd2de0d48fe58c7ef2e0667826d13a198ebf07caecdc
-
SHA512
815ce22afdcc752953d6558e196a5e0c3c797ff91457880d5edfabe0ab81344f1e89675aa568402a60c31dd06b33a3987e1eaaf337aed1f8896b75673bd2035f
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-