Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

8b758ccdfb...e9.exe

windows7-x64

7

8b758ccdfb...e9.exe

windows10-2004-x64

7

a1b468e955...5f.exe

windows7-x64

7

a1b468e955...5f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Win32.GhostSec.zip

  • Size

    7.8MB

  • Sample

    240422-yzpy2aff71

  • MD5

    fc111eb72cd394a0dc6c785f321745ad

  • SHA1

    5223db383114366949a1eaf3a25db69cde5c528a

  • SHA256

    90a2d935dcd1ea5a18ffb8194f9a8893ca2f62c9deaccbc8c94855b770387ea2

  • SHA512

    c790890f715332db9f4b37c1ab9b3011c5f7ef338af55b966b00bd096bbe1a2c0acfe35f7b8a7cecaa1b7c03a6fad16c435bd5348b5f20798f76f6c4ecfafdaf

  • SSDEEP

    196608:xI+eYXW7cupNAYIP7z7LpMHPLlGn5ymyp0fdcgAEZ:xU8eFcfT/ivhMymVcV+

Score
10/10
ghostlockerpersistence

Malware Config

Extracted

Family

ghostlocker

C2

http://94.103.91.246/addInfection

http://94.103.91.246/incrementLaunch

Targets

    • Target

      8b758ccdfbfa5ff3a0b67b2063c2397531cf0f7b3d278298da76528f443779e9

    • Size

      7.0MB

    • MD5

      8ad67a1b7a5f2428c93f7a13a398e39c

    • SHA1

      d4f71fc5479a02c8ff57c90fc67b948adb5604e0

    • SHA256

      8b758ccdfbfa5ff3a0b67b2063c2397531cf0f7b3d278298da76528f443779e9

    • SHA512

      57475600b531b3b80936bf3015d5a38bba61cfac793cb4de9985d4e4b0afdc12f7f591ecdc8e9f9fd2dcb7b0e3d2fe851f33f80ba2888730774f73ac8ab34b5c

    • SSDEEP

      98304:UNmXStQHQu1OCUPExButIaUgF246UZ0R+xp2exp2U3KQ5KntG:2Bt2Qu1OAxW2kyRU913KQ

    Score
    7/10
    persistence

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

    • Target

      a1b468e9550f9960c5e60f7c52ca3c058de19d42eafa760b9d5282eb24b7c55f

    • Size

      7.0MB

    • MD5

      f001329114937fbc439f251c803ba825

    • SHA1

      95ae81de52655fac3f1b226f1896690566090640

    • SHA256

      a1b468e9550f9960c5e60f7c52ca3c058de19d42eafa760b9d5282eb24b7c55f

    • SHA512

      2148b2d2aa3c5d70cb975a31b3026fa618b633122f1b953e4a0efe5c03e86058f63161fad0fb4f5dbebcf3f9634b5fd89b98200c6158c125b03abf42d6c04d26

    • SSDEEP

      98304:nc73qiu3g8TIvjESButfoF+6UGzzFBLzA2PP8e:cmh3g8TI4SnCGVBL02P0

    Score
    7/10

    • Drops startup file

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks