Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

f25d5aaf5d...29.exe

windows7-x64

10

f25d5aaf5d...29.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f25d5aaf5db75844d979878065bf9459e457b19a57b31a97ff653e07fc637b29

  • Size

    183KB

  • Sample

    221205-x7xheacc9z

  • MD5

    f655dcae34c54f1d9fdd88ec300eddcc

  • SHA1

    b2fe35cfd45f06862a69877d2c1c932194ad3958

  • SHA256

    f25d5aaf5db75844d979878065bf9459e457b19a57b31a97ff653e07fc637b29

  • SHA512

    84a9be89c9404e0eb3a30b640252526858f4693f56ca6c25129e50da27e2fd98ad77257fb2f6854d6ae850a8821c75bdabd7af609a02d19cd64f311855ea7da1

  • SSDEEP

    3072:bMqKbTtCSIT0chwzzcdZKF8UvvoeWofjjpAVioRF8s//NLj6h+EvtR9:o9MMmwzlqUHoeWofjjpAViY/lH6h+Ev9

Score
10/10
gh0stratpersistencerat

Malware Config

Targets

    • Target

      f25d5aaf5db75844d979878065bf9459e457b19a57b31a97ff653e07fc637b29

    • Size

      183KB

    • MD5

      f655dcae34c54f1d9fdd88ec300eddcc

    • SHA1

      b2fe35cfd45f06862a69877d2c1c932194ad3958

    • SHA256

      f25d5aaf5db75844d979878065bf9459e457b19a57b31a97ff653e07fc637b29

    • SHA512

      84a9be89c9404e0eb3a30b640252526858f4693f56ca6c25129e50da27e2fd98ad77257fb2f6854d6ae850a8821c75bdabd7af609a02d19cd64f311855ea7da1

    • SSDEEP

      3072:bMqKbTtCSIT0chwzzcdZKF8UvvoeWofjjpAVioRF8s//NLj6h+EvtR9:o9MMmwzlqUHoeWofjjpAViY/lH6h+Ev9

    Score
    10/10
    gh0stratpersistencerat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks