General

  • Target

    JaffaCakes118_a545c0a493172df6e9e6d727c798ba6f47d64677d52c63ff76623044f21284aa

  • Size

    750KB

  • Sample

    241221-w54chawkg1

  • MD5

    56451a033bbc59144c6a29ca007dd385

  • SHA1

    e8f54e8907c3f03aab16e3dfef00813a8420def7

  • SHA256

    a545c0a493172df6e9e6d727c798ba6f47d64677d52c63ff76623044f21284aa

  • SHA512

    888d421b36f62efb305fee5173f6005f6f5c8453a3e8dbc481f759e991bd77faa7cb0419390899424a13c449ac21b7dc42d363a57fda6dad4b9def29e0757d30

  • SSDEEP

    12288:qNQLuCMrW1oNt0ZXJJgY2eEPmcT/wvfrW64fx7w8KuwPeRRQId:1Ur5N+JgpO0wC3O8TN3QId

Score
10/10

Targets

    • Target

      DCRAT.bin

    • Size

      1.2MB

    • MD5

      57a81d22ac81839a72406b2e0f6958b0

    • SHA1

      d9fdd8baeda33e66c695b3404a3f1ac9860bcfc7

    • SHA256

      b57a06999a93dd6493eec6a282134a6e7dcd07a7209020a35d6e848a094e79f7

    • SHA512

      5f270ef607ee0c24fe8bb1b1a7fa0432ab5fd78d90414b91b8f1be57b68e139145bf5f56a4ab6cd552e5b88398c3bb5db3fa5b41e922e93c613fdd86dc19130c

    • SSDEEP

      24576:QndjJct+y4641acJMHtWBhVeeGEP8L83+:1SaBNWQT8O

    Score
    10/10
    • DcRat

      DarkCrystal (DC) is a new .NET RAT, active since June 2019, capable of loading additional plugins.

    • Dcrat family

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.
