General

  • Target

    748ea3abed6b67fb321a48d041139078b95357a485799466a3d1f84fe2147ad0

  • Size

    51KB

  • Sample

    240530-ew1ftaec5t

  • MD5

    8fecc6916ee85d78f51d75a4ab8ed2db

  • SHA1

    f594af83e27bc88d0501658cfcb23fb4a90bf060

  • SHA256

    748ea3abed6b67fb321a48d041139078b95357a485799466a3d1f84fe2147ad0

  • SHA512

    7af0bec49a95fe989c5bb9474d6699dc4da1234090c207f9a2eab98c9ec147d17ccbd22a7207db54a4a1e6ee5b197b306289adb2ed37b6316f9f93968b9ea40c

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+EJYH5:1dWubF3n9S91BF3fboHJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
