Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    5710c81f46196bc58638f4ae9791cfe3003ccfe74a93882fa0a4f1906b1df23e

  • Size

    1.3MB

  • Sample

    221104-2pr77abgb7

  • MD5

    4d5f2ddb9e3995b4580a5ad8cfa5e62a

  • SHA1

    76dd9a9ef02b0fba13aa958277a05a3ef7b3f151

  • SHA256

    5710c81f46196bc58638f4ae9791cfe3003ccfe74a93882fa0a4f1906b1df23e

  • SHA512

    db4027e7aa0954935958fa51ffc19aa646a309eeb4626ebe14f202800326e05e2a918c45e09e66b98a0de72c8a1955395c72b1492b3ee118605b93edc18fd07e

  • SSDEEP

    24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

Score
10/10

Malware Config

Targets

    • Target

      5710c81f46196bc58638f4ae9791cfe3003ccfe74a93882fa0a4f1906b1df23e

    • Size

      1.3MB

    • MD5

      4d5f2ddb9e3995b4580a5ad8cfa5e62a

    • SHA1

      76dd9a9ef02b0fba13aa958277a05a3ef7b3f151

    • SHA256

      5710c81f46196bc58638f4ae9791cfe3003ccfe74a93882fa0a4f1906b1df23e

    • SHA512

      db4027e7aa0954935958fa51ffc19aa646a309eeb4626ebe14f202800326e05e2a918c45e09e66b98a0de72c8a1955395c72b1492b3ee118605b93edc18fd07e

    • SSDEEP

      24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg

    Score
    10/10
    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • DCRat payload

      Detects payload of DCRat, commonly dropped by NSIS installers.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks