General

  • Target

    d3e3b2de2bce779a60a5818aa59a98acfbc057d2ad71becb2b0abff8c382313e

  • Size

    1.4MB

  • Sample

    231013-1lmb4adh96

  • MD5

    dd95913ad2887c625e7a430bf732a93f

  • SHA1

    2558b15cf6b7a955265d34f67b5b616a76408f98

  • SHA256

    d3e3b2de2bce779a60a5818aa59a98acfbc057d2ad71becb2b0abff8c382313e

  • SHA512

    f76eb43cf85b724170055e77a2ff460d00c67cb446e86a993d11843b9bb9029e49de1a982fa43349b02aa26907b25feb96b7af2391c988b423db06d2b52293fe

  • SSDEEP

    24576:ROeh7E7IJbtEJEHng8wGrQTLq73xaH7pbH:ROWFJbtSMXoTLq73xK

Targets

    • Target

      d3e3b2de2bce779a60a5818aa59a98acfbc057d2ad71becb2b0abff8c382313e

    • Detect PurpleFox Rootkit

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families; it was first seen in 2018.
