Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

d5a6b12681...b8.exe

windows7-x64

10

d5a6b12681...b8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d5a6b126816a5d56d0718faac25199b8

  • Size

    130KB

  • Sample

    240319-kaly7afe61

  • MD5

    d5a6b126816a5d56d0718faac25199b8

  • SHA1

    95675d1c804d6a4e3dc3e660ea13d5ebcb444e59

  • SHA256

    11cc9769e39533d167c907b9d64644b1814e83fdf32b0b71731ff7bd2490d4f4

  • SHA512

    499dae26a065be82f8166995c8a190fb8110b3efbac0c772eabf8f78dbdb0b9987ec0e8480da420de2680a7590917bdcfca0329c31cba73b685e8d323b7d6183

  • SSDEEP

    3072:U2kiTCHGakO614R51OfUTiWUmdsONtAqGEefX:ULiTCHGaZ6c17NUmKoCqJQX

Score
10/10
gh0stratpersistencerat

Malware Config

Targets

    • Target

      d5a6b126816a5d56d0718faac25199b8

    • Size

      130KB

    • MD5

      d5a6b126816a5d56d0718faac25199b8

    • SHA1

      95675d1c804d6a4e3dc3e660ea13d5ebcb444e59

    • SHA256

      11cc9769e39533d167c907b9d64644b1814e83fdf32b0b71731ff7bd2490d4f4

    • SHA512

      499dae26a065be82f8166995c8a190fb8110b3efbac0c772eabf8f78dbdb0b9987ec0e8480da420de2680a7590917bdcfca0329c31cba73b685e8d323b7d6183

    • SSDEEP

      3072:U2kiTCHGakO614R51OfUTiWUmdsONtAqGEefX:ULiTCHGaZ6c17NUmKoCqJQX

    Score
    10/10
    gh0stratratpersistence

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks