Overview

overview

10

Static

static

10

Allergies ...df.zip

windows10-2004-x64

1

Allergies ...df.scr

windows10-2004-x64

10

Resubmissions

14/06/2023, 00:49

230614-a6lm7acd45 10

14/06/2023, 00:49

230614-a6ejwacd44 10

14/06/2023, 00:21

230614-and6dscd27 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Allergies List and Allowed Substances.numb05151.pdf.zip

  • Size

    16.6MB

  • Sample

    230614-a6lm7acd45

  • MD5

    d3bb51283dcf2658026fbdacdf3df32e

  • SHA1

    a05f9a6bd29a4b28066dc6b1575fa4945ef86650

  • SHA256

    cd83427b301bad7fc71f23cb121a4c41483b2f0278c54e9595583e8f2865f004

  • SHA512

    b80b527cb7fb762d78893be87fe00f6827418cfde6be4ba929d1ba725f0d2c06e0cf861a93fc90bb20161a2edf30162e29ff10c344bb582a897664ffe30f2ad0

  • SSDEEP

    393216:z7xPhHoZMb512lSjxU9LVbRyCqBYa5o4CPMscWpmmaivTCzn:/lhH7Ljj2FhcG4Njy2ivAn

Score
10/10
dcratinfostealerrat

Malware Config

Targets

    • Target

      Allergies List and Allowed Substances.numb05151.pdf.zip

    • Size

      16.6MB

    • MD5

      d3bb51283dcf2658026fbdacdf3df32e

    • SHA1

      a05f9a6bd29a4b28066dc6b1575fa4945ef86650

    • SHA256

      cd83427b301bad7fc71f23cb121a4c41483b2f0278c54e9595583e8f2865f004

    • SHA512

      b80b527cb7fb762d78893be87fe00f6827418cfde6be4ba929d1ba725f0d2c06e0cf861a93fc90bb20161a2edf30162e29ff10c344bb582a897664ffe30f2ad0

    • SSDEEP

      393216:z7xPhHoZMb512lSjxU9LVbRyCqBYa5o4CPMscWpmmaivTCzn:/lhH7Ljj2FhcG4Njy2ivAn

    Score
    1/10
    behavioral1

    • Target

      Allergies List and Allowed Substances.numb05151.pdf.scr

    • Size

      920.3MB

    • MD5

      491c5ac82977262ef24bd22ad312c622

    • SHA1

      1f0555370f07e94182059701f63e940429757157

    • SHA256

      ea770032c44e773b9c9865d4ff3bfb10f76b003ace1bbfbe45755ffff227e5fe

    • SHA512

      a9974fe623a979e12d8493200f36aa4aab5763ea97ed4d5924fb1f579038d686bb10d789d576343ce4ca4c8a4657ed9404b7ffb52f701f6f880eb75e766f6734

    • SSDEEP

      393216:rc8yiMPNWZV4nXF12elEA7YKsHES/Sl50l:rcOMPNWTM2elpBtSwW

    Score
    10/10
    dcratinfostealerrat

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

      ratinfostealerdcrat

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.

      rat

    • .NET Reactor proctector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Suspicious use of SetThreadContext

    behavioral2

MITRE ATT&CK Enterprise v6

Tasks