Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

4422b9adf0...7e.exe

windows7-x64

10

4422b9adf0...7e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4422b9adf033a3a550e8104dc9a09b2a14bc809119de1fcc89bc850f90daf07e

  • Size

    313KB

  • Sample

    221124-mya8psce4s

  • MD5

    343970152974787fcd3fa6aca31359d3

  • SHA1

    50e30e96a20e22e1885423b722a9b8ada981408a

  • SHA256

    4422b9adf033a3a550e8104dc9a09b2a14bc809119de1fcc89bc850f90daf07e

  • SHA512

    58fc1b242855b578172cdc9f54acc1085a921554899a52481ab13c8137c57d52d3fe1cc050ebd6ad9792da6cf7eb1a383b9676c1015ddc35377ee0d3a28d370e

  • SSDEEP

    6144:pmVKUv8vtQse2GoH1LbtF77OUSSXmUzZ0GkrBzIIL/7NOW:ksvtQsKothF7nSGxzmTB//7QW

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      4422b9adf033a3a550e8104dc9a09b2a14bc809119de1fcc89bc850f90daf07e

    • Size

      313KB

    • MD5

      343970152974787fcd3fa6aca31359d3

    • SHA1

      50e30e96a20e22e1885423b722a9b8ada981408a

    • SHA256

      4422b9adf033a3a550e8104dc9a09b2a14bc809119de1fcc89bc850f90daf07e

    • SHA512

      58fc1b242855b578172cdc9f54acc1085a921554899a52481ab13c8137c57d52d3fe1cc050ebd6ad9792da6cf7eb1a383b9676c1015ddc35377ee0d3a28d370e

    • SSDEEP

      6144:pmVKUv8vtQse2GoH1LbtF77OUSSXmUzZ0GkrBzIIL/7NOW:ksvtQsKothF7nSGxzmTB//7QW

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks