General
-
Target
1c13a059cb114c543f937c2be3721b5a70ee6ae5d5ab9a956b1a3fdb3d542502
-
Size
1.3MB
-
Sample
221101-mv7shabad3
-
MD5
7387e10cfbc17b8523ed8de710f7fbc8
-
SHA1
e0cac1d1de8f1f1833299ff31aed1939521c0809
-
SHA256
1c13a059cb114c543f937c2be3721b5a70ee6ae5d5ab9a956b1a3fdb3d542502
-
SHA512
c3ffb426328434b35ac370103e8fe3bff8b555db18a232a71bd7d2f8abe9565560552316760231baf9823a4dd92acaf46ddaee1527ef20e0144a960ddc91ccda
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
1c13a059cb114c543f937c2be3721b5a70ee6ae5d5ab9a956b1a3fdb3d542502.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
1c13a059cb114c543f937c2be3721b5a70ee6ae5d5ab9a956b1a3fdb3d542502
-
Size
1.3MB
-
MD5
7387e10cfbc17b8523ed8de710f7fbc8
-
SHA1
e0cac1d1de8f1f1833299ff31aed1939521c0809
-
SHA256
1c13a059cb114c543f937c2be3721b5a70ee6ae5d5ab9a956b1a3fdb3d542502
-
SHA512
c3ffb426328434b35ac370103e8fe3bff8b555db18a232a71bd7d2f8abe9565560552316760231baf9823a4dd92acaf46ddaee1527ef20e0144a960ddc91ccda
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-