General
-
Target
8dcf98a78f2b3ce3e1b16163a35b658f70fe0b276d4970034ec2a18f4fd3ed51
-
Size
1.3MB
-
Sample
221031-2z89fsehfp
-
MD5
24507a649405f969b5912caecb8bebb1
-
SHA1
fea19486529bc874abfe3cca5dbb80626054a1a8
-
SHA256
8dcf98a78f2b3ce3e1b16163a35b658f70fe0b276d4970034ec2a18f4fd3ed51
-
SHA512
24aef5196c8ae10315f4230c0f2c05da026f6b4717496ffca24f1d04022f02bf7bba699e06ab2b56950b954f8fc440718ef314baa15f15f3e9689fc9f1b0c4e5
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
8dcf98a78f2b3ce3e1b16163a35b658f70fe0b276d4970034ec2a18f4fd3ed51.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
8dcf98a78f2b3ce3e1b16163a35b658f70fe0b276d4970034ec2a18f4fd3ed51
-
Size
1.3MB
-
MD5
24507a649405f969b5912caecb8bebb1
-
SHA1
fea19486529bc874abfe3cca5dbb80626054a1a8
-
SHA256
8dcf98a78f2b3ce3e1b16163a35b658f70fe0b276d4970034ec2a18f4fd3ed51
-
SHA512
24aef5196c8ae10315f4230c0f2c05da026f6b4717496ffca24f1d04022f02bf7bba699e06ab2b56950b954f8fc440718ef314baa15f15f3e9689fc9f1b0c4e5
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-