Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

d4e2368a84...9c.exe

windows7-x64

10

d4e2368a84...9c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d4e2368a849804a0c3e1c3478e53bf15618708489085a3dd988e4c51a8f2349c

  • Size

    89KB

  • Sample

    221021-e4lydscaf7

  • MD5

    55a2a638581ce1c259a850d264d28b84

  • SHA1

    a9e7525e238a5f1e90055397252d81dd5e00f0d2

  • SHA256

    d4e2368a849804a0c3e1c3478e53bf15618708489085a3dd988e4c51a8f2349c

  • SHA512

    4c7056b5973c65c187b48733109b0936a68e03cb024f1e215c8497b9d0b6397215b5b42766270d1b1cbb1c399806908e0064b93f1ae329edb1455358e4e5f23d

  • SSDEEP

    1536:rHIygkUcLXJ1jNkk7+K3BwSFCXte5tz4yC2ASelhEAiajhenUe:rHI0JXJ1NZn3Bw1Xte5WyC2AdhEAiaje

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      d4e2368a849804a0c3e1c3478e53bf15618708489085a3dd988e4c51a8f2349c

    • Size

      89KB

    • MD5

      55a2a638581ce1c259a850d264d28b84

    • SHA1

      a9e7525e238a5f1e90055397252d81dd5e00f0d2

    • SHA256

      d4e2368a849804a0c3e1c3478e53bf15618708489085a3dd988e4c51a8f2349c

    • SHA512

      4c7056b5973c65c187b48733109b0936a68e03cb024f1e215c8497b9d0b6397215b5b42766270d1b1cbb1c399806908e0064b93f1ae329edb1455358e4e5f23d

    • SSDEEP

      1536:rHIygkUcLXJ1jNkk7+K3BwSFCXte5tz4yC2ASelhEAiajhenUe:rHI0JXJ1NZn3Bw1Xte5WyC2AdhEAiaje

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks