General
-
Target
36c2dac3525ac5df63858fed2c59d14e982125baa20d70cc4894515cd3d652b1
-
Size
1.3MB
-
Sample
221101-nzf11sceer
-
MD5
c0ac0066ff36c62fcd1fd3ff8a23ea5f
-
SHA1
ae5f017fb5ed258c050bad6621f18a8f2ab4e2a2
-
SHA256
36c2dac3525ac5df63858fed2c59d14e982125baa20d70cc4894515cd3d652b1
-
SHA512
76d4c8f7614e121c225d90dbc031d06bdcc66a87bc81835f7d854e58bac30f932796868f38bf030cd05ddb098e25ad13b9f10e3a02921445c3ed2e92129c9b90
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
36c2dac3525ac5df63858fed2c59d14e982125baa20d70cc4894515cd3d652b1.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
36c2dac3525ac5df63858fed2c59d14e982125baa20d70cc4894515cd3d652b1
-
Size
1.3MB
-
MD5
c0ac0066ff36c62fcd1fd3ff8a23ea5f
-
SHA1
ae5f017fb5ed258c050bad6621f18a8f2ab4e2a2
-
SHA256
36c2dac3525ac5df63858fed2c59d14e982125baa20d70cc4894515cd3d652b1
-
SHA512
76d4c8f7614e121c225d90dbc031d06bdcc66a87bc81835f7d854e58bac30f932796868f38bf030cd05ddb098e25ad13b9f10e3a02921445c3ed2e92129c9b90
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-