General
-
Target
11cb982a00e3ce1d7931994b321fe35821c761256236dac5976e563a1e74afdd
-
Size
1.3MB
-
Sample
221101-mlcwrsbghr
-
MD5
00a254397e3899636aa80bc835692817
-
SHA1
7cb12767ec295a813cd37c47dfecbb3330277e7a
-
SHA256
11cb982a00e3ce1d7931994b321fe35821c761256236dac5976e563a1e74afdd
-
SHA512
b86bddc6934ed71b89d289af64a03ba5b88578eee782222c84d5fd082bbcfad50f5dc796abe28be949df3caf8429fefb7c7615a244de441252172abd0cbd3037
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
11cb982a00e3ce1d7931994b321fe35821c761256236dac5976e563a1e74afdd.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
11cb982a00e3ce1d7931994b321fe35821c761256236dac5976e563a1e74afdd
-
Size
1.3MB
-
MD5
00a254397e3899636aa80bc835692817
-
SHA1
7cb12767ec295a813cd37c47dfecbb3330277e7a
-
SHA256
11cb982a00e3ce1d7931994b321fe35821c761256236dac5976e563a1e74afdd
-
SHA512
b86bddc6934ed71b89d289af64a03ba5b88578eee782222c84d5fd082bbcfad50f5dc796abe28be949df3caf8429fefb7c7615a244de441252172abd0cbd3037
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-