General
-
Target
CrypterLocalMin.exe
-
Size
627KB
-
Sample
230121-xkrzeafc2s
-
MD5
fc938e39c9d9e09ef95d04b7529ff7cf
-
SHA1
c726cefba588cea3135ba7bb47228676d68ce51a
-
SHA256
c01b4811306e46eb5b8bd85e25a5d6c9fdf508983855278e2ad905bcbd4a052d
-
SHA512
0afe99956bc923ccfef67e7e9a854a0f601fc53cfdcbd29964ee2d6f21e33a88f0fa43fbac13c24b25abc433abccb8e54ddab73a460596fb165190f5550915db
-
SSDEEP
12288:aRZ+IoG/n9IQxW3OBsee2X+t4RbdnNE5XM/j7DFJvAmLRFQ5S/RW:U2G/nvxW3Ww0tdnNKMnffLRuiY
Behavioral task
behavioral1
Sample
CrypterLocalMin.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
CrypterLocalMin.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
CrypterLocalMin.exe
-
Size
627KB
-
MD5
fc938e39c9d9e09ef95d04b7529ff7cf
-
SHA1
c726cefba588cea3135ba7bb47228676d68ce51a
-
SHA256
c01b4811306e46eb5b8bd85e25a5d6c9fdf508983855278e2ad905bcbd4a052d
-
SHA512
0afe99956bc923ccfef67e7e9a854a0f601fc53cfdcbd29964ee2d6f21e33a88f0fa43fbac13c24b25abc433abccb8e54ddab73a460596fb165190f5550915db
-
SSDEEP
12288:aRZ+IoG/n9IQxW3OBsee2X+t4RbdnNE5XM/j7DFJvAmLRFQ5S/RW:U2G/nvxW3Ww0tdnNKMnffLRuiY
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-