General
-
Target
045a801f356ba80600f1d8825fa19dbb7f890e98dec53a40f33cf6cc5abfe8f8
-
Size
1.3MB
-
Sample
221101-mjazdsbger
-
MD5
9baecc7c7298379b3cf6fd14f10afa55
-
SHA1
e77f0b12592d54156cc9081a2c4671567d6061c5
-
SHA256
045a801f356ba80600f1d8825fa19dbb7f890e98dec53a40f33cf6cc5abfe8f8
-
SHA512
9fa550d1220ac0521534e64eee0778a9cbe5862d433736462f4137cb640de444ea3603b25aa811d476af85c4fb9630a016c5ecde02c9dde5c47790db8052ff80
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
045a801f356ba80600f1d8825fa19dbb7f890e98dec53a40f33cf6cc5abfe8f8.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
045a801f356ba80600f1d8825fa19dbb7f890e98dec53a40f33cf6cc5abfe8f8
-
Size
1.3MB
-
MD5
9baecc7c7298379b3cf6fd14f10afa55
-
SHA1
e77f0b12592d54156cc9081a2c4671567d6061c5
-
SHA256
045a801f356ba80600f1d8825fa19dbb7f890e98dec53a40f33cf6cc5abfe8f8
-
SHA512
9fa550d1220ac0521534e64eee0778a9cbe5862d433736462f4137cb640de444ea3603b25aa811d476af85c4fb9630a016c5ecde02c9dde5c47790db8052ff80
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-