General
-
Target
HEUR-Trojan.MSIL.Generic-b12fbaf6b6ba8add5b7d.exe
-
Size
768KB
-
Sample
230104-n31jtsaf4y
-
MD5
ca77b734327afb186e37d78d948034e8
-
SHA1
73d0f64044802166bf6c3ca982a3f5ba5405c81e
-
SHA256
b12fbaf6b6ba8add5b7d2f86c8dc9020e087a164b7a022c0058dd397754352f4
-
SHA512
d03b22bca2262f4acd8054c419dac9af28f33b90950104bed89cf2e35419f373f0d306e8a08532eab2c99e2d11bec0093c38fd1040a78e063225948b4add7050
-
SSDEEP
12288:kr9okJ1XGTNrrxqFcT7K2p+CMWOvE+LKxPSRwqTqHjgL2NdLwQmhJSGwHDkP:C9rqJS2AxZWp5Hj8oOFQD8
Static task
static1
Behavioral task
behavioral1
Sample
HEUR-Trojan.MSIL.Generic-b12fbaf6b6ba8add5b7d.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
HEUR-Trojan.MSIL.Generic-b12fbaf6b6ba8add5b7d.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
HEUR-Trojan.MSIL.Generic-b12fbaf6b6ba8add5b7d.exe
Score
10/10
-
DcRat
DarkCrystal (DC) is a new .NET RAT, active since June 2019, capable of loading additional plugins.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Drops file in System32 directory
-