gh0strat | e595f9ff038332868902bcce95aa44b134c07a3ab6cb500ff4dfac4f00d4abf8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1336-61-0x...ry.dll

windows7-x64

1

1336-61-0x...ry.dll

windows10-2004-x64

1

Sharing

General

Target

1336-61-0x0000000010000000-0x0000000010079000-memory.dmp
Size

484KB
Sample

230607-q69b9abc79
MD5

b6b738628fde4e48e3c0576342e79fd2
SHA1

f893b640c2e53741ead5a59681dc2cdf71f1be80
SHA256

e595f9ff038332868902bcce95aa44b134c07a3ab6cb500ff4dfac4f00d4abf8
SHA512

8a9a3cc9ee9e76778a51d5f10559ff97b63f9e9284c76ef3de367be819d2c6b55ade430ee0be8ede75cb1c88a390cd94aaaf83788c76d2e760707cbcd0b92448
SSDEEP

12288:tF284tTmhZaNcktl+YB/6Yas7ebgP26URczEp/:tF2DtTyZC+YB/PaBbg+6a

Score

10^/10

gh0strat upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

1336-61-0x0000000010000000-0x0000000010079000-memory.dll

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

1336-61-0x0000000010000000-0x0000000010079000-memory.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

gh0strat

C2

192.168.1.101

Targets

- Target
  
  1336-61-0x0000000010000000-0x0000000010079000-memory.dmp
- Size
  
  484KB
- MD5
  
  b6b738628fde4e48e3c0576342e79fd2
- SHA1
  
  f893b640c2e53741ead5a59681dc2cdf71f1be80
- SHA256
  
  e595f9ff038332868902bcce95aa44b134c07a3ab6cb500ff4dfac4f00d4abf8
- SHA512
  
  8a9a3cc9ee9e76778a51d5f10559ff97b63f9e9284c76ef3de367be819d2c6b55ade430ee0be8ede75cb1c88a390cd94aaaf83788c76d2e760707cbcd0b92448
- SSDEEP
  
  12288:tF284tTmhZaNcktl+YB/6Yas7ebgP26URczEp/:tF2DtTyZC+YB/PaBbg+6a
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy