General
-
Target
674890622d7bb92cedd72f8761121f9b8eccfe4a45f2967babb7d06538342d88.exe
-
Size
1.6MB
-
Sample
240715-wrgxcavhjg
-
MD5
45eac1c5ac04d5ba311c04776b5bebc0
-
SHA1
15a8e23f04af0b5e38a2fe086cd7c7e18c390304
-
SHA256
674890622d7bb92cedd72f8761121f9b8eccfe4a45f2967babb7d06538342d88
-
SHA512
f2d4b84515a305daea3700f4548af478c9218ff87842cf2a4bc2e6505bb26286bb754695a0290d516854d44ab47f29c0ed20e2a74e5faf60ecc59373ea8f123a
-
SSDEEP
24576:U2G/nvxW3Ww0tSjbEshCbueLblBg5IbMemSGsUb8fR9BONbpW0N1Hax:UbA30SjYsaB1Xx/RZ9BONt6x
Behavioral task
behavioral1
Sample
674890622d7bb92cedd72f8761121f9b8eccfe4a45f2967babb7d06538342d88.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
674890622d7bb92cedd72f8761121f9b8eccfe4a45f2967babb7d06538342d88.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
674890622d7bb92cedd72f8761121f9b8eccfe4a45f2967babb7d06538342d88.exe
-
Size
1.6MB
-
MD5
45eac1c5ac04d5ba311c04776b5bebc0
-
SHA1
15a8e23f04af0b5e38a2fe086cd7c7e18c390304
-
SHA256
674890622d7bb92cedd72f8761121f9b8eccfe4a45f2967babb7d06538342d88
-
SHA512
f2d4b84515a305daea3700f4548af478c9218ff87842cf2a4bc2e6505bb26286bb754695a0290d516854d44ab47f29c0ed20e2a74e5faf60ecc59373ea8f123a
-
SSDEEP
24576:U2G/nvxW3Ww0tSjbEshCbueLblBg5IbMemSGsUb8fR9BONbpW0N1Hax:UbA30SjYsaB1Xx/RZ9BONt6x
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-