General
-
Target
ffad890a75902443f6c93f5e59a2f34568050d7837a0395ac277cecb0eee9566.zip
-
Size
415KB
-
Sample
231119-3vq3radf5t
-
MD5
92411ecc81320207c1faa0a7b535d394
-
SHA1
6c36d7cb00b1cedcfdcd4888796c645b6d4332fe
-
SHA256
a83f3991aac6949237089535774eb590eb6644051353a07ec5b28d540b0ff80c
-
SHA512
08267c0d9bf2df0e3f6a9cf5d3ba220468fc242f65bd8a738af47d8b9990f6f7aead93d8ec3c665e61480405ca5e255812535756a62ce27ba6e73ea671309d0e
-
SSDEEP
6144:rMZQDFARk30coFJoRas0DeGEjT5bYSrS/o1Lx+zwlKnmGpI0Qe/ECUVeaCXsc+Ru:fJoFttD2bYg44LAn5MLqci
Behavioral task
behavioral1
Sample
ffad890a75902443f6c93f5e59a2f34568050d7837a0395ac277cecb0eee9566.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
ffad890a75902443f6c93f5e59a2f34568050d7837a0395ac277cecb0eee9566.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
-
-
Target
ffad890a75902443f6c93f5e59a2f34568050d7837a0395ac277cecb0eee9566.exe
-
Size
827KB
-
MD5
046d982708c20bd6d72dbf52bbae5f7b
-
SHA1
10e7d61dd00262a56f205772490ca4eff82526e0
-
SHA256
ffad890a75902443f6c93f5e59a2f34568050d7837a0395ac277cecb0eee9566
-
SHA512
424682e75ce9d19495d36c45092566a0913e253e4043210f7cc9fabcc268d985ca09f51bffc03d7ebb389383e511d4149b9d9374898ac40a98aded0d0866ac96
-
SSDEEP
12288:KEhjU+RTDLTvuT5F4hhd6vWL1E2EXLCFbhdXtk/2E:KsU+RjTvuT5F4hhc21EPLEhddk/P
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-