Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
df1cbce0169bf74376f9c777c704a5128ec37966359c8ffad8d8d820f876a78c
-
Size
1.2MB
-
Sample
231211-gsdtraehfr
-
MD5
ee314caa19f51ff2010bf31bd89c0d45
-
SHA1
54579d7258c887b2ffbcc963d0f090b9fec91931
-
SHA256
df1cbce0169bf74376f9c777c704a5128ec37966359c8ffad8d8d820f876a78c
-
SHA512
64bc4978c4e09cfec6aa8166d20db5e11d83b086c7c3ba7727ac1d1c7174c7b3fe9b717f536d28c47e58023370389e03f6ec34b40f13002cd93f7b0cf5fe52ad
-
SSDEEP
24576:5068q4ii3ZfYGKGKrBJXkvkrcwlyDghKFroghjeezMjjm6JK0Sx0p0t:Otr339YGKGKv9czgh0vaeWvJK0gH
Malware Config
Targets
-
-
Target
df1cbce0169bf74376f9c777c704a5128ec37966359c8ffad8d8d820f876a78c
-
Size
1.2MB
-
MD5
ee314caa19f51ff2010bf31bd89c0d45
-
SHA1
54579d7258c887b2ffbcc963d0f090b9fec91931
-
SHA256
df1cbce0169bf74376f9c777c704a5128ec37966359c8ffad8d8d820f876a78c
-
SHA512
64bc4978c4e09cfec6aa8166d20db5e11d83b086c7c3ba7727ac1d1c7174c7b3fe9b717f536d28c47e58023370389e03f6ec34b40f13002cd93f7b0cf5fe52ad
-
SSDEEP
24576:5068q4ii3ZfYGKGKrBJXkvkrcwlyDghKFroghjeezMjjm6JK0Sx0p0t:Otr339YGKGKv9czgh0vaeWvJK0gH
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Executes dropped EXE
-
Loads dropped DLL
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-