General
-
Target
2b501f2bfafe8db483341cf032a367c5ef9c003d5f72f397b780536289090aec
-
Size
1.3MB
-
Sample
221101-mkwmgsbghl
-
MD5
aa70a071ab91e714dfe43c09a422373d
-
SHA1
9de63bb88d285326e4b1770bc90fafbcfd12cf59
-
SHA256
2b501f2bfafe8db483341cf032a367c5ef9c003d5f72f397b780536289090aec
-
SHA512
80943a74a5ea7e61625fc024435a1ef0c917845990a729fc7e97630624f46c6adc23efbda81b4c111e5729c6e725567a6b990d7301260939e88a67ceae873fc2
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
2b501f2bfafe8db483341cf032a367c5ef9c003d5f72f397b780536289090aec.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
2b501f2bfafe8db483341cf032a367c5ef9c003d5f72f397b780536289090aec
-
Size
1.3MB
-
MD5
aa70a071ab91e714dfe43c09a422373d
-
SHA1
9de63bb88d285326e4b1770bc90fafbcfd12cf59
-
SHA256
2b501f2bfafe8db483341cf032a367c5ef9c003d5f72f397b780536289090aec
-
SHA512
80943a74a5ea7e61625fc024435a1ef0c917845990a729fc7e97630624f46c6adc23efbda81b4c111e5729c6e725567a6b990d7301260939e88a67ceae873fc2
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-