General
-
Target
34352cfabfec5e3ce94d3dda096fe7bdac99fb123f6f0e8a7b86c235f5543892
-
Size
1.3MB
-
Sample
221031-2yd2xsdhh7
-
MD5
5b4bb250580a75938abd0734d4688fb8
-
SHA1
3bbe6f94032349dce5fd30fe63a8ba6455f06c79
-
SHA256
34352cfabfec5e3ce94d3dda096fe7bdac99fb123f6f0e8a7b86c235f5543892
-
SHA512
98510dd3d1324be21f3a6866450a51bdbebbf7f62b50920bf84616d7672373541a5fb096294b052a9399bb4c2d07af2880474565834273ff835b0e4aa387a6d2
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
34352cfabfec5e3ce94d3dda096fe7bdac99fb123f6f0e8a7b86c235f5543892.exe
Resource
win10-20220901-en
Malware Config
Targets
-
-
Target
34352cfabfec5e3ce94d3dda096fe7bdac99fb123f6f0e8a7b86c235f5543892
-
Size
1.3MB
-
MD5
5b4bb250580a75938abd0734d4688fb8
-
SHA1
3bbe6f94032349dce5fd30fe63a8ba6455f06c79
-
SHA256
34352cfabfec5e3ce94d3dda096fe7bdac99fb123f6f0e8a7b86c235f5543892
-
SHA512
98510dd3d1324be21f3a6866450a51bdbebbf7f62b50920bf84616d7672373541a5fb096294b052a9399bb4c2d07af2880474565834273ff835b0e4aa387a6d2
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-