General
-
Target
24dd91b5edbad468668cf195181228de89fe16d2622f1c74d0c30438f4db2a64
-
Size
1.3MB
-
Sample
221101-n1ymfsbfd3
-
MD5
822e6af1685621db0e50808ed888c19e
-
SHA1
85c5bffae23f03e24676c5e91b47899336cf77d8
-
SHA256
24dd91b5edbad468668cf195181228de89fe16d2622f1c74d0c30438f4db2a64
-
SHA512
9ae88bf787b25059b960233f6136fcbcb002394005ee4e9b0887ccd59bdad0d5a0b82b42e245df58d066335e0297765981c42ea6d4625ca1bfd80ea3a8d79ced
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
24dd91b5edbad468668cf195181228de89fe16d2622f1c74d0c30438f4db2a64.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
24dd91b5edbad468668cf195181228de89fe16d2622f1c74d0c30438f4db2a64
-
Size
1.3MB
-
MD5
822e6af1685621db0e50808ed888c19e
-
SHA1
85c5bffae23f03e24676c5e91b47899336cf77d8
-
SHA256
24dd91b5edbad468668cf195181228de89fe16d2622f1c74d0c30438f4db2a64
-
SHA512
9ae88bf787b25059b960233f6136fcbcb002394005ee4e9b0887ccd59bdad0d5a0b82b42e245df58d066335e0297765981c42ea6d4625ca1bfd80ea3a8d79ced
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-