General
-
Target
93e21e14b4de271e85ae8ef4e2694482a60f2317a1581b3a96e9801c4e4bd367
-
Size
1.3MB
-
Sample
221031-2ynw5aehdr
-
MD5
325bcd88f34e2251c0b194e02f45750c
-
SHA1
f3050f2835d9dbc3947c8f521093844639eaefc6
-
SHA256
93e21e14b4de271e85ae8ef4e2694482a60f2317a1581b3a96e9801c4e4bd367
-
SHA512
4d5208468ee2a7af97b496f3fb4d118e4cde2507b79ca6037f432f5c2adbdf0ea82b3a2546aa93e0a1dcd47e5e03edaf63860ffc9725df134ad9d9fdb1978964
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
93e21e14b4de271e85ae8ef4e2694482a60f2317a1581b3a96e9801c4e4bd367.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
93e21e14b4de271e85ae8ef4e2694482a60f2317a1581b3a96e9801c4e4bd367
-
Size
1.3MB
-
MD5
325bcd88f34e2251c0b194e02f45750c
-
SHA1
f3050f2835d9dbc3947c8f521093844639eaefc6
-
SHA256
93e21e14b4de271e85ae8ef4e2694482a60f2317a1581b3a96e9801c4e4bd367
-
SHA512
4d5208468ee2a7af97b496f3fb4d118e4cde2507b79ca6037f432f5c2adbdf0ea82b3a2546aa93e0a1dcd47e5e03edaf63860ffc9725df134ad9d9fdb1978964
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-