Overview

overview

3

Static

static

3

f175fcc7b1...37.zip

windows11-21h2-x64

1

CrystalUS.exe

windows11-21h2-x64

1

cfg.json

windows11-21h2-x64

3

formats/Arcane.cus

windows11-21h2-x64

3

formats/DCRat.cus

windows11-21h2-x64

3

formats/De...#2.cus

windows11-21h2-x64

3

formats/De...#3.cus

windows11-21h2-x64

3

formats/De...#4.cus

windows11-21h2-x64

3

formats/De...#5.cus

windows11-21h2-x64

3

formats/De...#6.cus

windows11-21h2-x64

3

formats/Default.cus

windows11-21h2-x64

3

formats/Taurus.cus

windows11-21h2-x64

3

formats/We...ew.cus

windows11-21h2-x64

3

Analysis

  • max time kernel
    595s
  • max time network
    451s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06/01/2024, 06:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CrystalUS.exe

  • Size

    809KB

  • MD5

    4516f5182bcaefb6a8dd7f53ce0c429f

  • SHA1

    eca27762ec651c3072213262cea7cef198e827e3

  • SHA256

    577403a4c07eaf6bade5f5ac6165b0ee87a4fcfd2d8e3894a3defdd5e33e9e5a

  • SHA512

    44646348c6fe6080a8319738eb7a324b3f6a076abf1b38797b52b554121d752c00145d417ad3c0a5246b5e52c7f8e6a0aa99c04a8f946d40908372e01f49d361

  • SSDEEP

    12288:ilsUCeelhOBEmUeRHyhubiMLnN6fMZTjeVzvEKlT/tZmG:nUYlhkRchubiMbNI1M+/tZmG

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\CrystalUS.exe
    "C:\Users\Admin\AppData\Local\Temp\CrystalUS.exe"
    1⤵
      PID:5044

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\cfg.json
      Filesize

      187B

      MD5

      a390634f40ab90285f10bee6539ef730

      SHA1

      ffaedc682db7266fca927bd4753a2c5c3b6e85d6

      SHA256

      f99763c7d58e0234a30f2e88ca23a337b218ffc87280958b82bbc5f5baaf31c3

      SHA512

      c73aa423243888c15ad7b9698591ff42acb5c7b1254f3cc253ae2564b306d9cfd69a99d45cf24ea5c88e6b49ebd02b05176238b6bc9fa976c1216e588ba3f391

      Download Submit

    • memory/5044-6-0x00000285526C0000-0x00000285526E2000-memory.dmp

      Filesize

      136KB

      Download

    • memory/5044-2-0x0000028552320000-0x0000028552330000-memory.dmp

      Filesize

      64KB

      Download

    • memory/5044-3-0x0000028539A30000-0x0000028539A3C000-memory.dmp

      Filesize

      48KB

      Download

    • memory/5044-5-0x0000028552320000-0x0000028552330000-memory.dmp

      Filesize

      64KB

      Download

    • memory/5044-4-0x0000028552320000-0x0000028552330000-memory.dmp

      Filesize

      64KB

      Download

    • memory/5044-0-0x0000028537C00000-0x0000028537CD0000-memory.dmp

      Filesize

      832KB

      Download

    • memory/5044-1-0x00007FFE235B0000-0x00007FFE24072000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5044-16-0x0000028552320000-0x0000028552330000-memory.dmp

      Filesize

      64KB

      Download

    • memory/5044-17-0x00000285524D0000-0x0000028552683000-memory.dmp

      Filesize

      1.7MB

      Download

    • memory/5044-18-0x00007FFE235B0000-0x00007FFE24072000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/5044-20-0x0000028552320000-0x0000028552330000-memory.dmp

      Filesize

      64KB

      Download

    • memory/5044-21-0x0000028552320000-0x0000028552330000-memory.dmp

      Filesize

      64KB

      Download