Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a62e29d291617c2fe56bb602880f398acb546456912428e4c493f3122f6f5b1a
-
Size
375KB
-
Sample
221005-xnnq6afce5
-
MD5
aa686d8290261376e6cef65e9187bccb
-
SHA1
9141007472c3948b790adfc1811a9c892beea950
-
SHA256
a62e29d291617c2fe56bb602880f398acb546456912428e4c493f3122f6f5b1a
-
SHA512
46c7e3ed3b277dec3ce4ac2c7f0f134e6f9aa5164d3322259cf317170f60c58fbb2467e06f3f89e8d9116b5d7ed2c8bb3b248d7a50eb0c102df0005fecce0d7b
-
SSDEEP
6144:Sv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:S4VOiF1WD7kE1dTYOi8V5u23zmWFy4
Malware Config
Targets
-
-
Target
a62e29d291617c2fe56bb602880f398acb546456912428e4c493f3122f6f5b1a
-
Size
375KB
-
MD5
aa686d8290261376e6cef65e9187bccb
-
SHA1
9141007472c3948b790adfc1811a9c892beea950
-
SHA256
a62e29d291617c2fe56bb602880f398acb546456912428e4c493f3122f6f5b1a
-
SHA512
46c7e3ed3b277dec3ce4ac2c7f0f134e6f9aa5164d3322259cf317170f60c58fbb2467e06f3f89e8d9116b5d7ed2c8bb3b248d7a50eb0c102df0005fecce0d7b
-
SSDEEP
6144:Sv5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:S4VOiF1WD7kE1dTYOi8V5u23zmWFy4
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-