Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    759859709a2b91ee500201d9616f3a5d38c9c0e4313aa81c18ed125225a5540b

  • Size

    375KB

  • Sample

    221011-y4a1nschfj

  • MD5

    29aa8a4d1d634461eb3ebf3227194c87

  • SHA1

    4561d01e687a84e5cdb2e85cc5ff6e2bbd686c20

  • SHA256

    759859709a2b91ee500201d9616f3a5d38c9c0e4313aa81c18ed125225a5540b

  • SHA512

    689628b09de3522b61bb7295fd30ad31748c96f3b0d5d7f20960bf54f9e09fb2466306472495c77fd5a81d05c04493203208e5b2bf1e539822dcf5a55714e5f9

  • SSDEEP

    6144:1v5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:14VOiF1WD7kE1dTYOi8V5u23zmWFy4

Score
10/10

Malware Config

Targets

    • Target

      759859709a2b91ee500201d9616f3a5d38c9c0e4313aa81c18ed125225a5540b

    • Size

      375KB

    • MD5

      29aa8a4d1d634461eb3ebf3227194c87

    • SHA1

      4561d01e687a84e5cdb2e85cc5ff6e2bbd686c20

    • SHA256

      759859709a2b91ee500201d9616f3a5d38c9c0e4313aa81c18ed125225a5540b

    • SHA512

      689628b09de3522b61bb7295fd30ad31748c96f3b0d5d7f20960bf54f9e09fb2466306472495c77fd5a81d05c04493203208e5b2bf1e539822dcf5a55714e5f9

    • SSDEEP

      6144:1v5zQJVb5p72cHF1ybDFwekh212KhvwIb759QOaBjpaVRPu23E2rJmWjFc94:14VOiF1WD7kE1dTYOi8V5u23zmWFy4

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks