General
Target: b0e9d98bed7f4f8aac340222599bbb526a55e38ddd3f5ed4b7947c9be5fd4037
Size: 1.3MB
Sample: 221102-s28ahahhg7
MD5: 56d52e51566e7807801c5bdfae7f064b
SHA1: 3d897f8b78f03d472e4a04a4e56c9f37492c812d
SHA256: b0e9d98bed7f4f8aac340222599bbb526a55e38ddd3f5ed4b7947c9be5fd4037
SHA512: a9ac32eb0b303a59fe6814869238e55d01f178a9094b356f7765801a6b0cdab13ee8db5aefbbe1990ac62a008c8d6a362328f0e9e337720d4eb463cf22991746
SSDEEP: 24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task: behavioral1
Sample: b0e9d98bed7f4f8aac340222599bbb526a55e38ddd3f5ed4b7947c9be5fd4037.exe
Resource: win10-20220901-en
Malware Config
Targets
Score: 10/10

DcRat
DarkCrystal (DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2