General
-
Target
d18e505ce073d9d492f5183f342fd24f306d61cd1bc7dc92e68d265eddc9d276_JC.exe
-
Size
1.0MB
-
Sample
230826-stlfrsbe59
-
MD5
2db4abb2e5169ea5b459c77e2437287e
-
SHA1
049316b84ca3829744cdef31c2ceb7bec0aa91f6
-
SHA256
d18e505ce073d9d492f5183f342fd24f306d61cd1bc7dc92e68d265eddc9d276
-
SHA512
a126be48cd9c9a7cfdb949fa2729b4a9652b07464ec114a29ae6ed6f26101655a7c17a4efef80da32d630073bc05475cb9ef269fd2dfadeb455307c743c0d609
-
SSDEEP
24576:cxxJD1ApcDikRJ+bQK5wvktFw/7ITCygbPIZ2TEy:CAp+EbQVvktpT/pZUE
Malware Config
Targets
-
-
Target
d18e505ce073d9d492f5183f342fd24f306d61cd1bc7dc92e68d265eddc9d276_JC.exe
-
Size
1.0MB
-
MD5
2db4abb2e5169ea5b459c77e2437287e
-
SHA1
049316b84ca3829744cdef31c2ceb7bec0aa91f6
-
SHA256
d18e505ce073d9d492f5183f342fd24f306d61cd1bc7dc92e68d265eddc9d276
-
SHA512
a126be48cd9c9a7cfdb949fa2729b4a9652b07464ec114a29ae6ed6f26101655a7c17a4efef80da32d630073bc05475cb9ef269fd2dfadeb455307c743c0d609
-
SSDEEP
24576:cxxJD1ApcDikRJ+bQK5wvktFw/7ITCygbPIZ2TEy:CAp+EbQVvktpT/pZUE
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
DCRat payload
Detects payload of DCRat, commonly dropped by NSIS installers.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-