Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

bd919e1f8b...75.exe

windows7-x64

10

bd919e1f8b...75.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bd919e1f8b83a02e64622a5f6a583067d661647eb346f6bf89b4add64c061d75

  • Size

    180KB

  • Sample

    230524-x4gb1see45

  • MD5

    68e99b7e1804de0056b87b810faf896e

  • SHA1

    78b4f323eadd796bc85610926308db82ff1c24b1

  • SHA256

    bd919e1f8b83a02e64622a5f6a583067d661647eb346f6bf89b4add64c061d75

  • SHA512

    ecbf85b332c4b9971e0dd45fafda63b467b4790b204cc6c16887f7fc4a65f89160df4f3bc72baee078f9139c9ccbea0e15ee3a555df58b4408cf85adeef56b5d

  • SSDEEP

    3072:LwI2iWTWP6M1DA57yZU6OnJLMML7grZmvl8EumtZmvl8EHHdY:L4iPCMqMZ0JQMninW

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      bd919e1f8b83a02e64622a5f6a583067d661647eb346f6bf89b4add64c061d75

    • Size

      180KB

    • MD5

      68e99b7e1804de0056b87b810faf896e

    • SHA1

      78b4f323eadd796bc85610926308db82ff1c24b1

    • SHA256

      bd919e1f8b83a02e64622a5f6a583067d661647eb346f6bf89b4add64c061d75

    • SHA512

      ecbf85b332c4b9971e0dd45fafda63b467b4790b204cc6c16887f7fc4a65f89160df4f3bc72baee078f9139c9ccbea0e15ee3a555df58b4408cf85adeef56b5d

    • SSDEEP

      3072:LwI2iWTWP6M1DA57yZU6OnJLMML7grZmvl8EumtZmvl8EHHdY:L4iPCMqMZ0JQMninW

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Downloads MZ/PE file

    • Modifies RDP port number used by Windows

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks