General

  • Target

    7bcc7500fdad9ce121c2059f536a67592698e1037315fb4d685fccd41bc6c760

  • Size

    375KB

  • Sample

    221008-2jh3bsfhe2

  • MD5

    3890f83a871e63547e2afef374ec0664

  • SHA1

    ede3977fdfd11792c03bb3148fe80552415776e0

  • SHA256

    7bcc7500fdad9ce121c2059f536a67592698e1037315fb4d685fccd41bc6c760

  • SHA512

    f6867d31a9ae99425ac3f5deb5afe61f4e442e99b5c4e4a00fd0fa05dd52f7dd9ca2931ca35e76d460c59502db365dada10ee9a8ae3bbe7aabc2182afce214dc

  • SSDEEP

    6144:1v5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:14VOiF1WD7kE1dTYOi8V5u23zmWFy4

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Drops file in System32 directory
