Resubmissions

30-05-2024 03:05

240530-dk6b9acb71 10

30-05-2024 03:04

240530-dkymeacb7x 10

30-05-2024 02:59

240530-dgr1fsda39 10

General

  • Target

    b817873fadd6af466832355a47d1e9ae.bin

  • Size

    589KB

  • Sample

    240530-dkymeacb7x

  • MD5

    bd26a798cd0e16293854efa0d1c3eeba

  • SHA1

    9379d72142a44e21ef8fb10b032143e68ffd27af

  • SHA256

    0f6215b559b8436f2bd82dacca1a3ea76c1cee35c3f7f526388c0282ecb699db

  • SHA512

    8f5344a6c1f6e016f4b1f366034f4cf2ebe55efd08cab33e35e58ca4cdedcc93fd1fe22b9377ec534bc72185025b33e9226f21b88ef0272c520ae209b9b64df5

  • SSDEEP

    12288:gTchTNOFhNeSDIXXNduWfR8ax5XoUEMSeRlRFZPyHLx1akNeaMEL:3DehNClR8uXoUEnerRnKH91akIaMEL

Score
10/10

Targets

    • Target

      c4c83b1a077e713337ea9f76248e9115cebfa105b3338747e3284cd610254581.exe

    • Size

      1000KB

    • MD5

      b817873fadd6af466832355a47d1e9ae

    • SHA1

      e06db2031ed495fd73c7c0d60cb581702f668ec4

    • SHA256

      c4c83b1a077e713337ea9f76248e9115cebfa105b3338747e3284cd610254581

    • SHA512

      1ed7a3060d0f7298f969152968b18db5211ca087480ef650415b297747576e033151bfb5b6494e0e1b79ddc609b25412a3707c475a8cd12f3fca95894a6e4a77

    • SSDEEP

      24576:jzZgodRLKBXQEyRt7d/bZJfKp491BaDwoA:jz9W29vlp9Ok

    Score
    10/10
    • DcRat

      DarkCrystal (DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.
