General
-
Target
b8efa319cd9507b3d33d8fea2dacbe02d0e4f45779bd829146f2139760bd39df
-
Size
1.3MB
-
Sample
221101-nyy57sceem
-
MD5
f53445cbd954b30d33ce8e564c6a1463
-
SHA1
3c2937d89cef1ab463707161a59e0395aff2b9a9
-
SHA256
b8efa319cd9507b3d33d8fea2dacbe02d0e4f45779bd829146f2139760bd39df
-
SHA512
2226d087e15f705bc7999ec4c8537c89b19bc2496cdc7179233833580f023ae3986c400d5b9d3590085538e13150f87911a83fe33cf4e48d5104fa5331c3e9b8
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
b8efa319cd9507b3d33d8fea2dacbe02d0e4f45779bd829146f2139760bd39df.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
b8efa319cd9507b3d33d8fea2dacbe02d0e4f45779bd829146f2139760bd39df
-
Size
1.3MB
-
MD5
f53445cbd954b30d33ce8e564c6a1463
-
SHA1
3c2937d89cef1ab463707161a59e0395aff2b9a9
-
SHA256
b8efa319cd9507b3d33d8fea2dacbe02d0e4f45779bd829146f2139760bd39df
-
SHA512
2226d087e15f705bc7999ec4c8537c89b19bc2496cdc7179233833580f023ae3986c400d5b9d3590085538e13150f87911a83fe33cf4e48d5104fa5331c3e9b8
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-