General
-
Target
7c57e080fad66909a105177a14c3e3dadef0cbf3ac40b97f7d6634683cddc94fN
-
Size
3.3MB
-
Sample
241004-dd8h2a1apl
-
MD5
5ea8fe5507da29f15ad6522bcb8f57c0
-
SHA1
54be767326c8168879bcb1eb92cc87a25a537224
-
SHA256
7c57e080fad66909a105177a14c3e3dadef0cbf3ac40b97f7d6634683cddc94f
-
SHA512
a20b9ea30d27d91d4ec1f0c6bafeaa320f479f2a052bbd5f3ee8d44d08539787c152421d59bd9f138bc3c0d282df9bc1e5d6ce2cb05d11d8bb33d36a7a7b9356
-
SSDEEP
98304:Ub4mRM1NgEWifpbYagLm/LA82L0KAnNZ8YD:UEcuN1pfxDgL4M801o
Behavioral task
behavioral1
Sample
7c57e080fad66909a105177a14c3e3dadef0cbf3ac40b97f7d6634683cddc94fN.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
7c57e080fad66909a105177a14c3e3dadef0cbf3ac40b97f7d6634683cddc94fN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
7c57e080fad66909a105177a14c3e3dadef0cbf3ac40b97f7d6634683cddc94fN
-
Size
3.3MB
-
MD5
5ea8fe5507da29f15ad6522bcb8f57c0
-
SHA1
54be767326c8168879bcb1eb92cc87a25a537224
-
SHA256
7c57e080fad66909a105177a14c3e3dadef0cbf3ac40b97f7d6634683cddc94f
-
SHA512
a20b9ea30d27d91d4ec1f0c6bafeaa320f479f2a052bbd5f3ee8d44d08539787c152421d59bd9f138bc3c0d282df9bc1e5d6ce2cb05d11d8bb33d36a7a7b9356
-
SSDEEP
98304:Ub4mRM1NgEWifpbYagLm/LA82L0KAnNZ8YD:UEcuN1pfxDgL4M801o
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-