General
-
Target
1a0f5dcc4e57278f186d686e26eb4f084891ea78880e65dec1cdfafe877dbf56
-
Size
1.3MB
-
Sample
230203-j7nzdagd81
-
MD5
c18810c18d1f623b74e82019d7181fd9
-
SHA1
c8164cb1553388dbea396f9faa15dc6b07f62c18
-
SHA256
1a0f5dcc4e57278f186d686e26eb4f084891ea78880e65dec1cdfafe877dbf56
-
SHA512
dad7f6777de9ddc55899c3f9fcf653faf2862c2e103cbf0ecc108e0de0d2da12d1c890b98614602302466bf1cbcd68dc1279d7bafe7f8e8c9390b32a02fd3a60
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
1a0f5dcc4e57278f186d686e26eb4f084891ea78880e65dec1cdfafe877dbf56.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
1a0f5dcc4e57278f186d686e26eb4f084891ea78880e65dec1cdfafe877dbf56
-
Score
10/10
-
DcRat
DarkCrystal (DC) is a new .NET RAT, active since June 2019, capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-