Resubmissions

14-11-2024 23:57

241114-3zzkpavhpf 10

14-11-2024 23:44

241114-3rj52avgna 10

14-11-2024 23:36

241114-3ln7ssvjfs 10

14-11-2024 23:24

241114-3dnajayler 10

14-11-2024 23:10

241114-25qpastqgt 10

General

  • Target

    4363463463464363463463463.exe

  • Size

    10KB

  • Sample

    241114-25qpastqgt

  • MD5

    2a94f3960c58c6e70826495f76d00b85

  • SHA1

    e2a1a5641295f5ebf01a37ac1c170ac0814bb71a

  • SHA256

    2fcad226b17131da4274e1b9f8f31359bdd325c9568665f08fd1f6c5d06a23ce

  • SHA512

    fbf55b55fcfb12eb8c029562956229208b9e8e2591859d6336c28a590c92a4d0f7033a77c46ef6ebe07ddfca353aba1e84b51907cd774beab148ee901c92d62f

  • SSDEEP

    192:xlwayyHOXGc20L7BIW12n/ePSjiTlzkGu8stYcFwVc03KY:xlwwHe/20PKn/cLTlHuptYcFwVc03K

Malware Config

Targets

    • Target

      4363463463464363463463463.exe

    • Size

      10KB

    • MD5

      2a94f3960c58c6e70826495f76d00b85

    • SHA1

      e2a1a5641295f5ebf01a37ac1c170ac0814bb71a

    • SHA256

      2fcad226b17131da4274e1b9f8f31359bdd325c9568665f08fd1f6c5d06a23ce

    • SHA512

      fbf55b55fcfb12eb8c029562956229208b9e8e2591859d6336c28a590c92a4d0f7033a77c46ef6ebe07ddfca353aba1e84b51907cd774beab148ee901c92d62f

    • SSDEEP

      192:xlwayyHOXGc20L7BIW12n/ePSjiTlzkGu8stYcFwVc03KY:xlwwHe/20PKn/cLTlHuptYcFwVc03K

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

    • Dcrat family

    • DCRat payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

MITRE ATT&CK Enterprise v15

Tasks