Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

845bf1354c...04.dll

windows7-x64

10

845bf1354c...04.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    845bf1354caa7b63ebbc018675c664f7fdc5d62c8ca54a1b9666a5e6fdbbac04

  • Size

    124KB

  • Sample

    221206-ccdrlaga84

  • MD5

    3dc3b47082e3ca911c9a81182a4b71c9

  • SHA1

    90ecb80a910ed2e55f8c45ae65a729820a72fbd2

  • SHA256

    845bf1354caa7b63ebbc018675c664f7fdc5d62c8ca54a1b9666a5e6fdbbac04

  • SHA512

    996ef53596cade0106a2bd15c57c02121128d17b536356784361e632dd3fae0cce6b38aa62e5732a97fbe884b738c171c4311988ea2d8f2b963dd7cc277c92ae

  • SSDEEP

    3072:qRn1vFHCqcDVvR7p0+8u9NMK+kl5wHrmXmLeout:IDHRciu9NMrkbwHgceoS

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      845bf1354caa7b63ebbc018675c664f7fdc5d62c8ca54a1b9666a5e6fdbbac04

    • Size

      124KB

    • MD5

      3dc3b47082e3ca911c9a81182a4b71c9

    • SHA1

      90ecb80a910ed2e55f8c45ae65a729820a72fbd2

    • SHA256

      845bf1354caa7b63ebbc018675c664f7fdc5d62c8ca54a1b9666a5e6fdbbac04

    • SHA512

      996ef53596cade0106a2bd15c57c02121128d17b536356784361e632dd3fae0cce6b38aa62e5732a97fbe884b738c171c4311988ea2d8f2b963dd7cc277c92ae

    • SSDEEP

      3072:qRn1vFHCqcDVvR7p0+8u9NMK+kl5wHrmXmLeout:IDHRciu9NMrkbwHgceoS

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks