General
-
Target
NewLoaderCracks_1.32.exe
-
Size
2.0MB
-
Sample
241004-qt3c6swgqp
-
MD5
957e3773e9346cee687c19fce88b7f4a
-
SHA1
86e0dbdf89012c5e2fee9feb0867ce867e8d5a1a
-
SHA256
2928f73f9fa919f37465f87f2cec1098c255bb420bc38d245aeb136c6e7f1271
-
SHA512
3f9a3943b511aec7d95371ca77e2e6958d342b5e96480f6c8db376520ba8b2dd3f81f7834c8e0fc39f2bd4633331f22f0bb165f60c7ba622404f1b09fb1931e0
-
SSDEEP
24576:h2G/nvxW3WbMn0Xbux7fBIcZYBhXDz9rDYe0sbT2EqdGoFKfD/M5lXVcpm:hbA3+M0Xbux7bKPRse0mTnqfELMJ5
Behavioral task
behavioral1
Sample
NewLoaderCracks_1.32.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
NewLoaderCracks_1.32.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
NewLoaderCracks_1.32.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral4
Sample
NewLoaderCracks_1.32.exe
Resource
win11-20240802-en
Malware Config
Targets
-
-
Target
NewLoaderCracks_1.32.exe
-
Size
2.0MB
-
MD5
957e3773e9346cee687c19fce88b7f4a
-
SHA1
86e0dbdf89012c5e2fee9feb0867ce867e8d5a1a
-
SHA256
2928f73f9fa919f37465f87f2cec1098c255bb420bc38d245aeb136c6e7f1271
-
SHA512
3f9a3943b511aec7d95371ca77e2e6958d342b5e96480f6c8db376520ba8b2dd3f81f7834c8e0fc39f2bd4633331f22f0bb165f60c7ba622404f1b09fb1931e0
-
SSDEEP
24576:h2G/nvxW3WbMn0Xbux7fBIcZYBhXDz9rDYe0sbT2EqdGoFKfD/M5lXVcpm:hbA3+M0Xbux7bKPRse0mTnqfELMJ5
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-