General

  • Target

    172bc885a07c0c1dc7fb64fefefac83863e7d7bb9d13956f0ae0596745d87787

  • Size

    51KB

  • Sample

    240530-dm3ddacc6v

  • MD5

    9231e83ab08773281b900d78f4314d87

  • SHA1

    6c49a63695c6b9a96d07652a47ce2127120a5803

  • SHA256

    172bc885a07c0c1dc7fb64fefefac83863e7d7bb9d13956f0ae0596745d87787

  • SHA512

    6a01c5b15b61863fef36a38d0caf560af824cad41152e6444629aa263472c01e974c70b15f1855bcd0ac28cfbe9e44fcc5d4fde5915530f985b95ed1826c1e9a

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLpJYH5:1dWubF3n9S91BF3fboVJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
