General

  • Target

    b046da80787fed0792c71c1e12aa0c8fe8820d7ae596d35b14bc7b59d1b25d52

  • Size

    524KB

  • Sample

    231102-2l1p6age7x

  • MD5

    ec4f2a8591e9713ddf2d5477e3a54fd6

  • SHA1

    79c651cb242fcb589a956a325b2976696634d914

  • SHA256

    b046da80787fed0792c71c1e12aa0c8fe8820d7ae596d35b14bc7b59d1b25d52

  • SHA512

    d019205571bd7abcd0962ba8ac541ccaf3ce496a3a1c14692e166476841fcd53caf66a5f822160a0379bbaea8ec4e4d43f1af199fa346963e6be15825db838d4

  • SSDEEP

    12288:CdQrj/XnkIz2wf9kcvb9kuczLXfWfo10NS6RPRb1:VzT9hczLX8nb1

Targets

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families; it was first seen in 2018.