General
-
Target
095c8b3bc99a68baadd8b931bd31295fc9f9c928354344cceaf5c235d28adfd3
-
Size
1.3MB
-
Sample
221101-mlm2qsbham
-
MD5
cb7aaa2d2dbf4c099f72fd31a2562123
-
SHA1
a82f40157e27ec160b7ed47ed480ca2436c37f23
-
SHA256
095c8b3bc99a68baadd8b931bd31295fc9f9c928354344cceaf5c235d28adfd3
-
SHA512
36e03df57cb05c79835badd6a9ac5fa6f69c1d2b872747db157b29399b7db2abec9384f8817b484072c30ca195a960e0e98d6d0d4befb731245f4b661b2cb945
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
095c8b3bc99a68baadd8b931bd31295fc9f9c928354344cceaf5c235d28adfd3.exe
Resource
win10-20220901-en
Malware Config
Targets
-
-
Target
095c8b3bc99a68baadd8b931bd31295fc9f9c928354344cceaf5c235d28adfd3
-
Size
1.3MB
-
MD5
cb7aaa2d2dbf4c099f72fd31a2562123
-
SHA1
a82f40157e27ec160b7ed47ed480ca2436c37f23
-
SHA256
095c8b3bc99a68baadd8b931bd31295fc9f9c928354344cceaf5c235d28adfd3
-
SHA512
36e03df57cb05c79835badd6a9ac5fa6f69c1d2b872747db157b29399b7db2abec9384f8817b484072c30ca195a960e0e98d6d0d4befb731245f4b661b2cb945
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-