General
-
Target
SilverBulletV2.exe
-
Size
3.5MB
-
Sample
240424-2bcwcaag2y
-
MD5
05e08ad740c4ae377dfdd0d851f03d49
-
SHA1
121fb6e00d43f13544987e46e72faab6e8f41ffb
-
SHA256
0cb7feb38da76fa738b57f7f0194d470c7bef9e8441755be29b1a3e3c91f54ab
-
SHA512
90504df9612a6edda6d1e989ef0e9e889b6028bd8777eb6a409048fce9be29ecc6e803237c005316f4741b955bcd4b6a98d606f551cd57564b7193d6482726f3
-
SSDEEP
98304:UbstqHL7rg894k+x7ule+7R/R0j3Hoi7dvNRe0ndNRaz:Ug80Px7OX7RMXoi7dFR7ndKz
Behavioral task
behavioral1
Sample
SilverBulletV2.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
SilverBulletV2.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
SilverBulletV2.exe
Score
10/10
-
DcRat
DarkCrystal (DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Loads dropped DLL
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Scheduled Task/Job: 1