General
-
Target
75e25848db58f6143afc8ae6afaa0524fc65118c035a24eb1f8015c2240d6f42
-
Size
840KB
-
Sample
240417-rxe8gsdf7z
-
MD5
95da3dd851d224b54487542aa082e5dc
-
SHA1
1914e805394249d8dff1809121f537493d84afb6
-
SHA256
75e25848db58f6143afc8ae6afaa0524fc65118c035a24eb1f8015c2240d6f42
-
SHA512
42ea12fb1e649d5e361782e32ce9947dd809e091b7204fa99be90c8c28d96e59772cd0d02e4034c5282d13e82024db6b89d5e768a81f3835b9df7ca40ecba7e6
-
SSDEEP
24576:zSHtjCSA7H3iyA2Ea40ZlxfubuD7D7Disn2iGzdkWaEDF7Ft:eHtjCSAT3igEx0Z3fuC7DSNmW1F7Ft
Static task
static1
Behavioral task
behavioral1
Sample
9bccd2dc8f14b92f591fab90b458da775598de51f9c56dca13ed0561e33eea24.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9bccd2dc8f14b92f591fab90b458da775598de51f9c56dca13ed0561e33eea24.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
9bccd2dc8f14b92f591fab90b458da775598de51f9c56dca13ed0561e33eea24.exe
-
Size
937KB
-
MD5
523c53675f0fee6e718deb0cfb09f2f2
-
SHA1
7434e1b491dc3f8b40666eadc90a78a219ab16ff
-
SHA256
9bccd2dc8f14b92f591fab90b458da775598de51f9c56dca13ed0561e33eea24
-
SHA512
fddd55cbe94a17573db57598808e5f99159e80875561894b81451cf1116f8756400fe07a8ce3f112689a6340a3b36e4cdae16434a15dcb91c395a1c946811659
-
SSDEEP
24576:BJCKbYqWhdhXoW+qJ++uSEWPZd3zrpi+0:BBbYqWhdhonqYOEWx5rk+0
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-