General
Target: 6ce171c70c52d08b43b7f6bd0847c4fe29147d2eb7e88d642993d1bd5ff349b9
Size: 1.3MB
Sample: 221031-ypgjxaddbj
MD5: 69317a2bd7d7f4a302929667f95e69f8
SHA1: d86e2df29bedf0690e741ff3460289618272bd32
SHA256: 6ce171c70c52d08b43b7f6bd0847c4fe29147d2eb7e88d642993d1bd5ff349b9
SHA512: fcb8f90c18cb1b4e496e6091d7ddfe97a6326f2e7a1519719305f58d276759c34d31842c37d56e7959f7ccb25ee12163cc8f7e962685cc641eccd16aad4fc697
SSDEEP: 24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task: behavioral1
Sample: 6ce171c70c52d08b43b7f6bd0847c4fe29147d2eb7e88d642993d1bd5ff349b9.exe
Resource: win10-20220812-en
Malware Config
Targets
Score: 10/10

DcRat
DarkCrystal (DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2