Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

883e90cbf2...90.exe

windows7-x64

7

883e90cbf2...90.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90

  • Size

    1.7MB

  • Sample

    230922-ebq2mscf3s

  • MD5

    e8eb1ec9deb48f871d5f0041f5376efd

  • SHA1

    f2db4c8ef8a5a39d1b7dd34c82b6efd4664b4531

  • SHA256

    883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90

  • SHA512

    6ee61fb70db05deb8921b250e198653ce5c9ba6da2e5f54290e82dfd4189aa82b9bdc422ad3a328ea6ce84315d0d0c9f2df061824c8952e36dd5169367caff9d

  • SSDEEP

    24576:HcCAjahFqYIiOtKRoXCkX4rj69El3s1sJ:jAjgFiqvrWTs

Score
10/10
dcratinfostealerrat

Malware Config

Targets

    • Target

      883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90

    • Size

      1.7MB

    • MD5

      e8eb1ec9deb48f871d5f0041f5376efd

    • SHA1

      f2db4c8ef8a5a39d1b7dd34c82b6efd4664b4531

    • SHA256

      883e90cbf2b203e43bbd4dc84d1389f13876348269356b43028b2b94a27f3e90

    • SHA512

      6ee61fb70db05deb8921b250e198653ce5c9ba6da2e5f54290e82dfd4189aa82b9bdc422ad3a328ea6ce84315d0d0c9f2df061824c8952e36dd5169367caff9d

    • SSDEEP

      24576:HcCAjahFqYIiOtKRoXCkX4rj69El3s1sJ:jAjgFiqvrWTs

    Score
    10/10
    dcratinfostealerrat

    • DcRat

      DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

      ratinfostealerdcrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks