General
-
Target
NerestPC_changer.exe
-
Size
1.5MB
-
Sample
240711-z1xkyawgpe
-
MD5
6fa1984a1f59a16715f190c915071ef9
-
SHA1
5eb59948a447d0a041537bdf8f2fa0c8b11e6626
-
SHA256
0573c4795196fe4987aba8479181314a8f8192eebaa3538504bae96a381b24e8
-
SHA512
434ed9da5f40172a59c502a337a9c8f5142c137086a95385e3906d986601f4e3cbc9105d86e16452d942de8da0c6a7cc52caa596e59d69ffd0cf26cb3d1619b5
-
SSDEEP
24576:U2G/nvxW3Ww0tTR75dc1uO2GWqwKI4b2Y3BWDEDNBvEbicMTc:UbA30TR74y24Y3BW6f7cn
Behavioral task
behavioral1
Sample
NerestPC_changer.exe
Resource
win11-20240709-en
Malware Config
Targets
-
-
Target
NerestPC_changer.exe
-
Size
1.5MB
-
MD5
6fa1984a1f59a16715f190c915071ef9
-
SHA1
5eb59948a447d0a041537bdf8f2fa0c8b11e6626
-
SHA256
0573c4795196fe4987aba8479181314a8f8192eebaa3538504bae96a381b24e8
-
SHA512
434ed9da5f40172a59c502a337a9c8f5142c137086a95385e3906d986601f4e3cbc9105d86e16452d942de8da0c6a7cc52caa596e59d69ffd0cf26cb3d1619b5
-
SSDEEP
24576:U2G/nvxW3Ww0tTR75dc1uO2GWqwKI4b2Y3BWDEDNBvEbicMTc:UbA30TR74y24Y3BW6f7cn
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Downloads MZ/PE file
-
Executes dropped EXE
-