General
-
Target
0ca99ac2ce2d354c668c4d68ee1412ef556ee7228365ed67b2acb86f246bab92
-
Size
1.3MB
-
Sample
221101-mj3z6sbggk
-
MD5
c63c67920363ec90aeb2ebaa01309f79
-
SHA1
3f54c0694364d9ca3ca698a3027fe6a4e5d68210
-
SHA256
0ca99ac2ce2d354c668c4d68ee1412ef556ee7228365ed67b2acb86f246bab92
-
SHA512
d1d2cd08d8a13d8703a668cff0acfc565e17bc71e4e14be04352de8cd7202f63ce9dbeee83ca05d3592092195ea21c5979e34b9f73312e2bd2c9175ab0b708aa
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
0ca99ac2ce2d354c668c4d68ee1412ef556ee7228365ed67b2acb86f246bab92.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
0ca99ac2ce2d354c668c4d68ee1412ef556ee7228365ed67b2acb86f246bab92
-
Size
1.3MB
-
MD5
c63c67920363ec90aeb2ebaa01309f79
-
SHA1
3f54c0694364d9ca3ca698a3027fe6a4e5d68210
-
SHA256
0ca99ac2ce2d354c668c4d68ee1412ef556ee7228365ed67b2acb86f246bab92
-
SHA512
d1d2cd08d8a13d8703a668cff0acfc565e17bc71e4e14be04352de8cd7202f63ce9dbeee83ca05d3592092195ea21c5979e34b9f73312e2bd2c9175ab0b708aa
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-