General
-
Target
73f885b93952cf1dafd93a649ea09ff619904c81f8252edc48044a7146d510b5
-
Size
1.3MB
-
Sample
221101-nm473sbdg9
-
MD5
6c27fa41d45eb3ad99b7449111956442
-
SHA1
b30df93499eb468648e95ecb7b31eb660695d17a
-
SHA256
73f885b93952cf1dafd93a649ea09ff619904c81f8252edc48044a7146d510b5
-
SHA512
e5d73acb899287a526af973ab684e8db46604d448b1a9a63a9753f97624135c8541a0051e5d6916520de3dfe671b5718d5d63407b86c9094a64f2f4a65fdbb26
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
73f885b93952cf1dafd93a649ea09ff619904c81f8252edc48044a7146d510b5.exe
Resource
win10-20220901-en
Malware Config
Targets
-
-
Target
73f885b93952cf1dafd93a649ea09ff619904c81f8252edc48044a7146d510b5
-
Size
1.3MB
-
MD5
6c27fa41d45eb3ad99b7449111956442
-
SHA1
b30df93499eb468648e95ecb7b31eb660695d17a
-
SHA256
73f885b93952cf1dafd93a649ea09ff619904c81f8252edc48044a7146d510b5
-
SHA512
e5d73acb899287a526af973ab684e8db46604d448b1a9a63a9753f97624135c8541a0051e5d6916520de3dfe671b5718d5d63407b86c9094a64f2f4a65fdbb26
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-