Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

ef3c1cd0f4...34.exe

windows7-x64

10

ef3c1cd0f4...34.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef3c1cd0f41f0c86f0c35062db57715c9d98f52a00767148593ef93aa2d05934

  • Size

    37KB

  • Sample

    231006-my3yqaaf9y

  • MD5

    e1be3b5c37330b6157873e664dc37559

  • SHA1

    ac972882c23034805eeccaa01c9a11b11343e3ab

  • SHA256

    ef3c1cd0f41f0c86f0c35062db57715c9d98f52a00767148593ef93aa2d05934

  • SHA512

    d3042aa2eeab95c85fd901d841024df2874e895ad2de613f64f85741995ed87324e210a0719a366f85f65156a7619690488f22f32e1441996ff7753dab070cc1

  • SSDEEP

    768:VqRxOSgfCw0Ntlu8ayS4LB9QDP+hBgrX:YO9Cw0/E8aySWQX

Score
10/10
gh0stratpersistencerat

Malware Config

Targets

    • Target

      ef3c1cd0f41f0c86f0c35062db57715c9d98f52a00767148593ef93aa2d05934

    • Size

      37KB

    • MD5

      e1be3b5c37330b6157873e664dc37559

    • SHA1

      ac972882c23034805eeccaa01c9a11b11343e3ab

    • SHA256

      ef3c1cd0f41f0c86f0c35062db57715c9d98f52a00767148593ef93aa2d05934

    • SHA512

      d3042aa2eeab95c85fd901d841024df2874e895ad2de613f64f85741995ed87324e210a0719a366f85f65156a7619690488f22f32e1441996ff7753dab070cc1

    • SSDEEP

      768:VqRxOSgfCw0Ntlu8ayS4LB9QDP+hBgrX:YO9Cw0/E8aySWQX

    Score
    10/10
    gh0stratpersistencerat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks