General
-
Target
52ab42dbbbdeaf9bb81dd3dd35defed279d24b7856c6da573e2acf5cf30f10aa
-
Size
1.3MB
-
Sample
221031-2zsayaeaa8
-
MD5
b92bdd8bea0410c15d894c87c1a4bd7f
-
SHA1
8c24cbdcb9815eb35d33af879a9be9d0e997cd24
-
SHA256
52ab42dbbbdeaf9bb81dd3dd35defed279d24b7856c6da573e2acf5cf30f10aa
-
SHA512
c8400d37a00c00e47342392784eba9e39c43152b42c65123ec1f48dbb22c1f14b0226deb891a0fe1e1fb2c141d4f993ec46be75a5b18dc232c5656a4eebdcecf
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
52ab42dbbbdeaf9bb81dd3dd35defed279d24b7856c6da573e2acf5cf30f10aa.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
52ab42dbbbdeaf9bb81dd3dd35defed279d24b7856c6da573e2acf5cf30f10aa
-
Size
1.3MB
-
MD5
b92bdd8bea0410c15d894c87c1a4bd7f
-
SHA1
8c24cbdcb9815eb35d33af879a9be9d0e997cd24
-
SHA256
52ab42dbbbdeaf9bb81dd3dd35defed279d24b7856c6da573e2acf5cf30f10aa
-
SHA512
c8400d37a00c00e47342392784eba9e39c43152b42c65123ec1f48dbb22c1f14b0226deb891a0fe1e1fb2c141d4f993ec46be75a5b18dc232c5656a4eebdcecf
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-