General
-
Target
14934c8dd452bdca272fe12dde673f90.bin
-
Size
1009KB
-
Sample
231122-bl52rshe55
-
MD5
14934c8dd452bdca272fe12dde673f90
-
SHA1
de94741ce365bf6883ec45dfe60aac4bc40fb387
-
SHA256
fe63d0ff2eea88b3613ca84d73cfea2919a45406bc934d1e8754971a2b8d56e8
-
SHA512
a27385e33efdb1babae0baeefd699cca8ac62409bd4736078d329bf524101fe01893daed647d03f0d7cf86fc74741e3976c5a074e00b91c9617d0a51b0eb19dc
-
SSDEEP
24576:wy/Z6o+4Lf6/Sw9uzAFj9W2lijCnXiZtlYOXCrQzdUoNw:D/ZA46Swwz52lijC4tlYSPxda
Static task
static1
Behavioral task
behavioral1
Sample
ff54c1620292f1c1ce7bec6a34b735a8fa7633c0.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
ff54c1620292f1c1ce7bec6a34b735a8fa7633c0.exe
Resource
win10v2004-20231025-en
Malware Config
Targets
-
-
Target
ff54c1620292f1c1ce7bec6a34b735a8fa7633c0.bin
-
Size
1.5MB
-
MD5
0c7ab53caf16e730fdfbd12741e3b201
-
SHA1
ff54c1620292f1c1ce7bec6a34b735a8fa7633c0
-
SHA256
b9f2bfc2bcf4ef29b0b1de88b2bc0cccb3f7997d3f651f3ea93bb6ea993822b4
-
SHA512
0a016f0fad65f77f218acfd24fb65e8ee5727c6b47860c57c4915f87f0c8d9118d6bde169a8adb5e7d4b453b0cf0011916824a84a833fd26095677dd4e7176ad
-
SSDEEP
24576:1rU/y3tQ9Pg0oPR01vmZ8sRrxrYtrqXD68P7d3BFMukWMG+gcXh6dvrBV1gerPxc:1rU/+iBgZRcvmag9rYJqXKTG+g+h6dvq
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory
-