General
-
Target
2799249bd066a63867d38a7773108711301fce32cd774032c6643a733c91e88a.exe
-
Size
1.8MB
-
Sample
240712-rjmemsygqb
-
MD5
1f762f2937a65e6706cc9890c2ce963e
-
SHA1
dd9c4b3a729fd1f0f486808750a82df7bbb908ec
-
SHA256
2799249bd066a63867d38a7773108711301fce32cd774032c6643a733c91e88a
-
SHA512
fef5180a80f46ceab132d00d26f0c14d3711007e75a8d419b08d69ed00d84b70b8113c144b54a0e3d4a70967fdf9a4cff9a1317fec4076888da5203443abebcc
-
SSDEEP
24576:U2G/nvxW3Ww0tzWLVgARUYjfmdylolfEz1ocP7dmjhoGgRO0fktrJxEV4Bn9J0gE:UbA30zWRNfdBnsWNnGrJqEn9nSTbt
Behavioral task
behavioral1
Sample
2799249bd066a63867d38a7773108711301fce32cd774032c6643a733c91e88a.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2799249bd066a63867d38a7773108711301fce32cd774032c6643a733c91e88a.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
2799249bd066a63867d38a7773108711301fce32cd774032c6643a733c91e88a.exe
-
Size
1.8MB
-
MD5
1f762f2937a65e6706cc9890c2ce963e
-
SHA1
dd9c4b3a729fd1f0f486808750a82df7bbb908ec
-
SHA256
2799249bd066a63867d38a7773108711301fce32cd774032c6643a733c91e88a
-
SHA512
fef5180a80f46ceab132d00d26f0c14d3711007e75a8d419b08d69ed00d84b70b8113c144b54a0e3d4a70967fdf9a4cff9a1317fec4076888da5203443abebcc
-
SSDEEP
24576:U2G/nvxW3Ww0tzWLVgARUYjfmdylolfEz1ocP7dmjhoGgRO0fktrJxEV4Bn9J0gE:UbA30zWRNfdBnsWNnGrJqEn9nSTbt
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-