General
-
Target
077242ad561c2803acd9b61a1805bdd65f13f04aab4c24752797c2bc90ac5779
-
Size
1.3MB
-
Sample
230202-vtxvxaga6w
-
MD5
3f68a4e49cbdae48082f6733411dee78
-
SHA1
be3308ec4cdf8d6d1e968380c1ac30e8f8a8c5fc
-
SHA256
077242ad561c2803acd9b61a1805bdd65f13f04aab4c24752797c2bc90ac5779
-
SHA512
5cb1d16f3f1f4a405ff02ae1d74655736761517a7981d902be69b1b31fa1b69f290548848059b6962ec8001e17293380b9b69bdad9138e25a05215d2d1feac7c
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
077242ad561c2803acd9b61a1805bdd65f13f04aab4c24752797c2bc90ac5779.exe
Resource
win10-20220901-en
Malware Config
Targets
-
-
Target
077242ad561c2803acd9b61a1805bdd65f13f04aab4c24752797c2bc90ac5779
-
Size
1.3MB
-
MD5
3f68a4e49cbdae48082f6733411dee78
-
SHA1
be3308ec4cdf8d6d1e968380c1ac30e8f8a8c5fc
-
SHA256
077242ad561c2803acd9b61a1805bdd65f13f04aab4c24752797c2bc90ac5779
-
SHA512
5cb1d16f3f1f4a405ff02ae1d74655736761517a7981d902be69b1b31fa1b69f290548848059b6962ec8001e17293380b9b69bdad9138e25a05215d2d1feac7c
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-