General
-
Target
f5a576e78853c8cd837290125d62aec763c5a552525aadff9a8396479d1a1137
-
Size
1.3MB
-
Sample
221101-mwyk8abad9
-
MD5
db6d79ce5c7077c91e2d080a724d8eb2
-
SHA1
8a6c6e5034f09b0a4c1ca6f549c0c7b7c9ebda11
-
SHA256
f5a576e78853c8cd837290125d62aec763c5a552525aadff9a8396479d1a1137
-
SHA512
273e2730a8992a49c87ce04d2c079983d2ac1f117949fa2eba030ea0f219d048777e24c00324bcffe29df2fb54f904130796265a84d82634af2c0605f19ccd40
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
f5a576e78853c8cd837290125d62aec763c5a552525aadff9a8396479d1a1137.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
f5a576e78853c8cd837290125d62aec763c5a552525aadff9a8396479d1a1137
-
Size
1.3MB
-
MD5
db6d79ce5c7077c91e2d080a724d8eb2
-
SHA1
8a6c6e5034f09b0a4c1ca6f549c0c7b7c9ebda11
-
SHA256
f5a576e78853c8cd837290125d62aec763c5a552525aadff9a8396479d1a1137
-
SHA512
273e2730a8992a49c87ce04d2c079983d2ac1f117949fa2eba030ea0f219d048777e24c00324bcffe29df2fb54f904130796265a84d82634af2c0605f19ccd40
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-