General

  • Target

    5f3b4498eeea5ac29ac49638c2e9a85a9877ce24ee41de33bc266b4eb308891e

  • Size

    1.3MB

  • Sample

    221101-kza8zsaheq

  • MD5

    dec78fba70a50ca96495b0cfbe7bedce

  • SHA1

    2d679b686751a732dd73cf33ea1c29d8e4939784

  • SHA256

    5f3b4498eeea5ac29ac49638c2e9a85a9877ce24ee41de33bc266b4eb308891e

  • SHA512

    1a1f3b326d98509193f0a31a3ff33966a254c9b0c2013e96c469c899a2828f81958e6f08859b433c081132c60a2ea38a4e3d3c25f410ca8eba00dba17529e26c

  • SSDEEP

    24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

Score
10/10

Malware Config

Targets

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks
