Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
488291ee16052448a88ff5f4b4ff7472.exe
-
Size
828KB
-
Sample
240821-ccn8bsvbnd
-
MD5
488291ee16052448a88ff5f4b4ff7472
-
SHA1
b7f7a100fd8f36501de1fec9f277aa7f73918c15
-
SHA256
59587a702b395acaad29b4cd695d7c236ef19dba0375ad16010e7a170dc90929
-
SHA512
050af158ba434d95cc4e520675c1fc9c9079103ae9af853615044aa2df8d0f8990fc0da095fe7334c82897d3a303cc386298e9133479bd6a39bebb1245d28108
-
SSDEEP
12288:u9V+q0VaZWcItdHp6yY9gNmNpsrx5fpgEYjqnK9cG:gXeaZWrHp6wcYFbZYeKt
Behavioral task
behavioral1
Sample
488291ee16052448a88ff5f4b4ff7472.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
488291ee16052448a88ff5f4b4ff7472.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
488291ee16052448a88ff5f4b4ff7472.exe
-
Size
828KB
-
MD5
488291ee16052448a88ff5f4b4ff7472
-
SHA1
b7f7a100fd8f36501de1fec9f277aa7f73918c15
-
SHA256
59587a702b395acaad29b4cd695d7c236ef19dba0375ad16010e7a170dc90929
-
SHA512
050af158ba434d95cc4e520675c1fc9c9079103ae9af853615044aa2df8d0f8990fc0da095fe7334c82897d3a303cc386298e9133479bd6a39bebb1245d28108
-
SSDEEP
12288:u9V+q0VaZWcItdHp6yY9gNmNpsrx5fpgEYjqnK9cG:gXeaZWrHp6wcYFbZYeKt
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-