Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

e15e51d84f...bd.dll

windows7-x64

10

e15e51d84f...bd.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e15e51d84f7bb087d0d9722d3ff7d376dc9469f490cdd7424b0992720b276ebd

  • Size

    133KB

  • Sample

    221206-1l2f1sac4z

  • MD5

    b8f6ee37da1463c2c68c45eccb8c3270

  • SHA1

    ab96af06f7f0d8a4499405ca014dd0120432a297

  • SHA256

    e15e51d84f7bb087d0d9722d3ff7d376dc9469f490cdd7424b0992720b276ebd

  • SHA512

    9f2808d474e807d95b366a7683ec5186636cef444b2a36164d8c51f9b9bc61652afa38bf6cafa4791b111d59f8f7a34735694bfd1c49092743089c127fef4545

  • SSDEEP

    3072:wixrcYyNNBxIf58d6UuSMhXk22T94oz7vEEZzcdzJO:BANBxIxh0u4TSg7vECzcR0

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      e15e51d84f7bb087d0d9722d3ff7d376dc9469f490cdd7424b0992720b276ebd

    • Size

      133KB

    • MD5

      b8f6ee37da1463c2c68c45eccb8c3270

    • SHA1

      ab96af06f7f0d8a4499405ca014dd0120432a297

    • SHA256

      e15e51d84f7bb087d0d9722d3ff7d376dc9469f490cdd7424b0992720b276ebd

    • SHA512

      9f2808d474e807d95b366a7683ec5186636cef444b2a36164d8c51f9b9bc61652afa38bf6cafa4791b111d59f8f7a34735694bfd1c49092743089c127fef4545

    • SSDEEP

      3072:wixrcYyNNBxIf58d6UuSMhXk22T94oz7vEEZzcdzJO:BANBxIxh0u4TSg7vECzcR0

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks