General
-
Target
mimit.bat
-
Size
1.6MB
-
Sample
240622-yjgmqawenr
-
MD5
aac440cf5d1026e1de84b116ee4ac8ab
-
SHA1
b0008427aa44cec82ec7cd6d98269dc4be94726b
-
SHA256
354d89f962576dfcba2bef6d7a28fd37b148154af34e05862c5918957ce50198
-
SHA512
cc4635414fa41df634e3be72e8dff997f004e02bdb65b765821824d2f60cd94be4431b9a0b651154fd07eda4ab6ae674d807457e1c4751250b9693013d141368
-
SSDEEP
24576:U2G/nvxW3Ww0t7Q1G8olW0YuxG2pihEm2Aq0qRtUrH2zUdI9+MMt97DhBZoaaKT:UbA307QE96SVXCK8I9+MMLvZjaW
Behavioral task
behavioral1
Sample
mimit.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
mimit.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
mimit.bat
-
Size
1.6MB
-
MD5
aac440cf5d1026e1de84b116ee4ac8ab
-
SHA1
b0008427aa44cec82ec7cd6d98269dc4be94726b
-
SHA256
354d89f962576dfcba2bef6d7a28fd37b148154af34e05862c5918957ce50198
-
SHA512
cc4635414fa41df634e3be72e8dff997f004e02bdb65b765821824d2f60cd94be4431b9a0b651154fd07eda4ab6ae674d807457e1c4751250b9693013d141368
-
SSDEEP
24576:U2G/nvxW3Ww0t7Q1G8olW0YuxG2pihEm2Aq0qRtUrH2zUdI9+MMt97DhBZoaaKT:UbA307QE96SVXCK8I9+MMLvZjaW
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-