Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5f3b4498eeea5ac29ac49638c2e9a85a9877ce24ee41de33bc266b4eb308891e
-
Size
1.3MB
-
Sample
221101-kza8zsaheq
-
MD5
dec78fba70a50ca96495b0cfbe7bedce
-
SHA1
2d679b686751a732dd73cf33ea1c29d8e4939784
-
SHA256
5f3b4498eeea5ac29ac49638c2e9a85a9877ce24ee41de33bc266b4eb308891e
-
SHA512
1a1f3b326d98509193f0a31a3ff33966a254c9b0c2013e96c469c899a2828f81958e6f08859b433c081132c60a2ea38a4e3d3c25f410ca8eba00dba17529e26c
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
5f3b4498eeea5ac29ac49638c2e9a85a9877ce24ee41de33bc266b4eb308891e.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
5f3b4498eeea5ac29ac49638c2e9a85a9877ce24ee41de33bc266b4eb308891e
-
Size
1.3MB
-
MD5
dec78fba70a50ca96495b0cfbe7bedce
-
SHA1
2d679b686751a732dd73cf33ea1c29d8e4939784
-
SHA256
5f3b4498eeea5ac29ac49638c2e9a85a9877ce24ee41de33bc266b4eb308891e
-
SHA512
1a1f3b326d98509193f0a31a3ff33966a254c9b0c2013e96c469c899a2828f81958e6f08859b433c081132c60a2ea38a4e3d3c25f410ca8eba00dba17529e26c
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-