Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

beb3095598...74.exe

windows7-x64

10

beb3095598...74.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    beb30955982281f5e0d08c2f9291441dfbe91eb69289fafb97517b5bd694e674

  • Size

    150KB

  • Sample

    221202-13e94shf68

  • MD5

    3c572a8ae14c61812ba2441616d35ee0

  • SHA1

    40a9bc3539a59c8bdf93c67fecdbbd72ffc88a11

  • SHA256

    beb30955982281f5e0d08c2f9291441dfbe91eb69289fafb97517b5bd694e674

  • SHA512

    bac3b8efc9fff502e6181575a8a3d27cb0c2b223df82a07754b2879f67ee3590dfef833694be80e215918e4bff38ecf834ce60fe0ba1d7312756d3f5355b252b

  • SSDEEP

    3072:6ldlXTPtEgUJmh+aDY+puszTjGkZHKZApg0P77mag417WHFRlyAtd6A+:6RTPtEgTh+aDyszTKkZH1pg0P7rb7Wlq

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      beb30955982281f5e0d08c2f9291441dfbe91eb69289fafb97517b5bd694e674

    • Size

      150KB

    • MD5

      3c572a8ae14c61812ba2441616d35ee0

    • SHA1

      40a9bc3539a59c8bdf93c67fecdbbd72ffc88a11

    • SHA256

      beb30955982281f5e0d08c2f9291441dfbe91eb69289fafb97517b5bd694e674

    • SHA512

      bac3b8efc9fff502e6181575a8a3d27cb0c2b223df82a07754b2879f67ee3590dfef833694be80e215918e4bff38ecf834ce60fe0ba1d7312756d3f5355b252b

    • SSDEEP

      3072:6ldlXTPtEgUJmh+aDY+puszTjGkZHKZApg0P77mag417WHFRlyAtd6A+:6RTPtEgTh+aDyszTKkZH1pg0P7rb7Wlq

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks