General
-
Target
83967111bcd018bdfa502dca6486d12b0e5407207d612fa64c1305ac081a0360
-
Size
1.3MB
-
Sample
221101-nmvzeabdg7
-
MD5
f1b9b08b30e28d44fbaa4bba3d8b904c
-
SHA1
b30dc046c2182f22554f2960f267f6d98512ce48
-
SHA256
83967111bcd018bdfa502dca6486d12b0e5407207d612fa64c1305ac081a0360
-
SHA512
b162787c6d385bd32dac94b76b8040116ff60c58be8b800db7b329671a78af929aecb25ae499b7e3cf11926178f6ead597e437c9ce1d9db292975765dbaa78ac
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
83967111bcd018bdfa502dca6486d12b0e5407207d612fa64c1305ac081a0360.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
83967111bcd018bdfa502dca6486d12b0e5407207d612fa64c1305ac081a0360
-
Size
1.3MB
-
MD5
f1b9b08b30e28d44fbaa4bba3d8b904c
-
SHA1
b30dc046c2182f22554f2960f267f6d98512ce48
-
SHA256
83967111bcd018bdfa502dca6486d12b0e5407207d612fa64c1305ac081a0360
-
SHA512
b162787c6d385bd32dac94b76b8040116ff60c58be8b800db7b329671a78af929aecb25ae499b7e3cf11926178f6ead597e437c9ce1d9db292975765dbaa78ac
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-