General

  • Target

    0041222fa3cef8d6cb1dba7d7418e92a5bbc11fce2595daa1e6c69d2417ea95f

  • Size

    51KB

  • Sample

    240530-h4bdfaae4y

  • MD5

    2c9ca1f3f365baa105e90cfdf0955310

  • SHA1

    f10fc0f2f2d67a912a5302cce1df774cf7367d32

  • SHA256

    0041222fa3cef8d6cb1dba7d7418e92a5bbc11fce2595daa1e6c69d2417ea95f

  • SHA512

    3f553ac60a04f8476f487e0852842c4cb27d247e0af7e02aeaa4af58033d51a08db0edeef44c93200953b281098b815f1c2dccd1f02288f758ca976b7aeb3751

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLgJYH5:1dWubF3n9S91BF3fboMJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
