General
-
Target
f023df1eb9578e8c5865d7d4552ec08f549f85aa080d92293647762744bdbe8c
-
Size
1.3MB
-
Sample
230202-q64f1abe34
-
MD5
d12ce2f14dd1664883e018d84c6c9006
-
SHA1
02e3516bdf765969a25724b329ed3aeeddeffa3c
-
SHA256
f023df1eb9578e8c5865d7d4552ec08f549f85aa080d92293647762744bdbe8c
-
SHA512
c977b85a55761adc7ee169807cbd04a3e2801403ceef79aa44098be5aed32ff716d270eeecc578146093da2d593e9a9e411a51027c827c220dcd4565bf51a7cd
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
f023df1eb9578e8c5865d7d4552ec08f549f85aa080d92293647762744bdbe8c.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
f023df1eb9578e8c5865d7d4552ec08f549f85aa080d92293647762744bdbe8c
-
Size
1.3MB
-
MD5
d12ce2f14dd1664883e018d84c6c9006
-
SHA1
02e3516bdf765969a25724b329ed3aeeddeffa3c
-
SHA256
f023df1eb9578e8c5865d7d4552ec08f549f85aa080d92293647762744bdbe8c
-
SHA512
c977b85a55761adc7ee169807cbd04a3e2801403ceef79aa44098be5aed32ff716d270eeecc578146093da2d593e9a9e411a51027c827c220dcd4565bf51a7cd
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-