General

  • Target

    6a51d22ba071380bc48c5754fc9f4d92ac7efa8bb5566fc2b80f776e81a947f5

  • Size

    899KB

  • Sample

    240530-d9f4nadb6t

  • MD5

    c293433d9527a94585ba94574ce7f356

  • SHA1

    85478d621056ef62b072f726d90adc75a4089441

  • SHA256

    6a51d22ba071380bc48c5754fc9f4d92ac7efa8bb5566fc2b80f776e81a947f5

  • SHA512

    21dd27e4fd77c92bd08b6866551aef6ca6730b05bed2fe203eee3e7d1c7802c513c6b430c23615476246cf7ae437af290c82e8b7f8d215d54cf53e29123370ec

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXy:7wqd87Vy

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
