General
-
Target
11860475a38861b9f1c033d76754ff412f6e3092191cf99bbb534475de47eb8c
-
Size
1.3MB
-
Sample
221101-nzy7lacefn
-
MD5
d72904660e79238dba1e571ddb6326b8
-
SHA1
d739acfbe772ee442fecb4b2f30dff0a7d93864b
-
SHA256
11860475a38861b9f1c033d76754ff412f6e3092191cf99bbb534475de47eb8c
-
SHA512
84a34a6cbea02ade615c187e1ec587336406718d3e39bb4ea5c5d77b0e492e5940bb12518960c4f0e069ddd181524fd907f2ffc08f6b56719e284abccbdabb81
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
11860475a38861b9f1c033d76754ff412f6e3092191cf99bbb534475de47eb8c.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
11860475a38861b9f1c033d76754ff412f6e3092191cf99bbb534475de47eb8c
-
Size
1.3MB
-
MD5
d72904660e79238dba1e571ddb6326b8
-
SHA1
d739acfbe772ee442fecb4b2f30dff0a7d93864b
-
SHA256
11860475a38861b9f1c033d76754ff412f6e3092191cf99bbb534475de47eb8c
-
SHA512
84a34a6cbea02ade615c187e1ec587336406718d3e39bb4ea5c5d77b0e492e5940bb12518960c4f0e069ddd181524fd907f2ffc08f6b56719e284abccbdabb81
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-