Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

招聘8000...��.exe

windows7-x64

10

招聘8000...��.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    急招.rar

  • Size

    791KB

  • Sample

    230717-n8cpysbe86

  • MD5

    7ee937062f3681f8fd93a18feb1ab547

  • SHA1

    7c0ffbd8d7498b4d94c55c40c3ff753206fe0561

  • SHA256

    0e7805ea5b6540e59b5ccbcec8429d53745500a73c0df9794b14f0a2b993413d

  • SHA512

    2b0f0a4c81483657cc0edc241c6507d754f21948bfdf1784c79c079c61507002b389a3c2d7ed3de277ec921c3d1773180b288cdc1c55167bc92bcba4950d076c

  • SSDEEP

    12288:INCA9Rsr8NcY/FtCGV6VST+y9iG8U4zaPvvlNOE6v84XcWpygzmAw+f7oI:CF9RQ8NyGV6bI78JIvvlNDZxwtzHw+H

Score
10/10
gh0stratratupx

Malware Config

Targets

    • Target

      招聘8000~10000急招!.exe

    • Size

      3.4MB

    • MD5

      15657565db569d1aa879e194dc00de93

    • SHA1

      9014d598e0e2d6567bb33e8cd23b9cdcf520ed35

    • SHA256

      689a0efe9b555bb7af55921445265076008b6f5e400587b2d40268220bb6cef6

    • SHA512

      872f034932b16aa3e8d35ef383906da497927f7f873e6c0c6a7bb6404275ad685bacb931f406a149722d979794e7249d9d860cc2c09143fde654a4b5d8b3374f

    • SSDEEP

      49152:qsmmparkOxyvT+yzUJ6Ya+AvTLaa6n57WA8J5:3kxtx/aR65T8J5

    Score
    10/10
    gh0stratratupx

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks