General
-
Target
3d71f1e177234c396f2a5d7d852a2376.bin
-
Size
909KB
-
Sample
240517-b37lxsbd5y
-
MD5
7d7e2fa7cf58c33faf8e27167d59cbba
-
SHA1
dcfe3c17f5fdb0c2233ab5cf71f5ba7f73436b1e
-
SHA256
cf56915bbabca1ab11ae4cc7f946594e79aba3e4a79e89eb600c60bc19e4b357
-
SHA512
597615f0f61eade37e245d3e04e89594620997e3b5a80ddd6fe9140b1f861c6dcb68078c5bf31133461bad9b18f8a897864ce81c06ba9fe5cb871358985a0477
-
SSDEEP
24576:zxpTGlKQGgbzzRkM65iWTVZSNwjHbdQzf18bKu0gbwYmeW:zxpKl7RknrxsyjHbdQz18bKu0qwYmeW
Behavioral task
behavioral1
Sample
c0db54d6ec9c0e2310d4c8bfd1739f079a0fd85adcf088ff8876f54485a61f2c.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c0db54d6ec9c0e2310d4c8bfd1739f079a0fd85adcf088ff8876f54485a61f2c.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
c0db54d6ec9c0e2310d4c8bfd1739f079a0fd85adcf088ff8876f54485a61f2c.exe
-
Size
1.4MB
-
MD5
3d71f1e177234c396f2a5d7d852a2376
-
SHA1
fe960120b965c91a3021fbea60e1b2c77ec78b63
-
SHA256
c0db54d6ec9c0e2310d4c8bfd1739f079a0fd85adcf088ff8876f54485a61f2c
-
SHA512
e2bc7e6027b32088580ab4e2a074d23c8be77ef5992f502fadb0875316a2b2f79bd9d1668568d99867715d5e60ee2fa236c903ba668cfd868142e3d18bbda82c
-
SSDEEP
24576:U2G/nvxW3Ww0tHzmBv0vDGt3r6+yWJmgHgwSRADpDial:UbA30HzFGnJ2wS+1ic
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-