General
-
Target
chainbrowserSession - Copie.exe
-
Size
827KB
-
Sample
240514-3ptlpaec6w
-
MD5
dcd1dbdf7c8bfb9263e5dda02b1bfa79
-
SHA1
0912a5fa7ac74c5e49d72a8a4d6957b063b1d31b
-
SHA256
3fe6c89a0fdadaf3172be13af4fad92f5f3e08c3bde723c8b6957ac68a3503ae
-
SHA512
d368e5f91365af67e46514425e13323f0ad2181d5fc1e790b2b5d17e9cf8c91f46bdf582550517f703b8232f6bd59598b37a41cd637f2d9c192317e8f0134ccc
-
SSDEEP
12288:aAavWfeLpHbw89c1R66n20OHjNJWZtWDqEneSfIY9DyQpPt:RavZpHbw1R6PlTGqqERfFDyel
Behavioral task
behavioral1
Sample
chainbrowserSession - Copie.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
chainbrowserSession - Copie.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
chainbrowserSession - Copie.exe
-
Size
827KB
-
MD5
dcd1dbdf7c8bfb9263e5dda02b1bfa79
-
SHA1
0912a5fa7ac74c5e49d72a8a4d6957b063b1d31b
-
SHA256
3fe6c89a0fdadaf3172be13af4fad92f5f3e08c3bde723c8b6957ac68a3503ae
-
SHA512
d368e5f91365af67e46514425e13323f0ad2181d5fc1e790b2b5d17e9cf8c91f46bdf582550517f703b8232f6bd59598b37a41cd637f2d9c192317e8f0134ccc
-
SSDEEP
12288:aAavWfeLpHbw89c1R66n20OHjNJWZtWDqEneSfIY9DyQpPt:RavZpHbw1R6PlTGqqERfFDyel
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-