Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90
-
Size
1.7MB
-
Sample
230922-ebq2mscf3s
-
MD5
e8eb1ec9deb48f871d5f0041f5376efd
-
SHA1
f2db4c8ef8a5a39d1b7dd34c82b6efd4664b4531
-
SHA256
883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90
-
SHA512
6ee61fb70db05deb8921b250e198653ce5c9ba6da2e5f54290e82dfd4189aa82b9bdc422ad3a328ea6ce84315d0d0c9f2df061824c8952e36dd5169367caff9d
-
SSDEEP
24576:HcCAjahFqYIiOtKRoXCkX4rj69El3s1sJ:jAjgFiqvrWTs
Static task
static1
Behavioral task
behavioral1
Sample
883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90
-
Size
1.7MB
-
MD5
e8eb1ec9deb48f871d5f0041f5376efd
-
SHA1
f2db4c8ef8a5a39d1b7dd34c82b6efd4664b4531
-
SHA256
883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90
-
SHA512
6ee61fb70db05deb8921b250e198653ce5c9ba6da2e5f54290e82dfd4189aa82b9bdc422ad3a328ea6ce84315d0d0c9f2df061824c8952e36dd5169367caff9d
-
SSDEEP
24576:HcCAjahFqYIiOtKRoXCkX4rj69El3s1sJ:jAjgFiqvrWTs
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory
-