General

  • Target

    7b9e742c8e305a44ed427af223005391238c2e4bd8d16c582655a9d2e3168d62

  • Size

    131KB

  • Sample

    220919-yvfvkabafj

  • MD5

    70e3d041edc2fecbc749777426b63eeb

  • SHA1

    e8165053db240bbf7ec758d43b99ae777a80ec3b

  • SHA256

    7b9e742c8e305a44ed427af223005391238c2e4bd8d16c582655a9d2e3168d62

  • SHA512

    c8bfe2d1bc77053364e8cdb1c0ac5d1665fba63353a4f812208a28dd0206a0a9bbd7d13a8663a15871051f97864124dd69f3a5dd2c7691ba18c4e32980a27b64

  • SSDEEP

    3072:gu+gqlgByBTEur7VsuRh/DBiE/8bNJFXwccx+tJdnJ0:gSDyBTE0V1LDw5N3gccqJdnJ0

Targets

    • Target

      7b9e742c8e305a44ed427af223005391238c2e4bd8d16c582655a9d2e3168d62

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Sets DLL path for service in the registry

    • Drops file in System32 directory
