General
Target: file.exe
Size: 1.5MB
Sample: 230528-az7l3sea9t
MD5: ecee2ebd3ec0c0d36f88475532eddbef
SHA1: c68350688ae49166da20529076bc6e09ece54972
SHA256: 5a5e3d70cd466c1fd8b96432c3e547d1219f87562450259393b51780b65a201d
SHA512: 6761c27b5eefa8005f4a175df4f17bbfb84cda2ecd47a894a8afbafd0a8e05b102e93f795a291e29e1a8736c9a55d573d08827dd48bfe20045f73796954c5232
SSDEEP: 12288:RajiyzjakY85lAi78xkprnzbBxo0O57I3WkctrO73yvKbXRXy2/xcehJNHtIEwyk:RhmYpiwC7BxLOyWj2F/jzNIEF30
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: file.exe
Score: 10/10
DcRat
DarkCrystal (DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
Suspicious use of SetThreadContext