General

  • Target

    25a8f3501208f2d55bfe7da0bfad6af1a0686a78c9c8426cc8faa3f69ca94838

  • Size

    51KB

  • Sample

    240530-ewxpxsec4s

  • MD5

    9086662c7c0c889598e2b18006c68347

  • SHA1

    8c3d49c992452656d991d96766033c9d856f0de2

  • SHA256

    25a8f3501208f2d55bfe7da0bfad6af1a0686a78c9c8426cc8faa3f69ca94838

  • SHA512

    c17f51920a69973097fb747c16f98913a33c60e3912e4ea305b62e403181a01780d9e22db9b150302957cefc9871ed99eda12d9455aecaf1cbafc41b1bd42901

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL5JYH5:1dWubF3n9S91BF3fbolJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      25a8f3501208f2d55bfe7da0bfad6af1a0686a78c9c8426cc8faa3f69ca94838

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
