General

  • Target

    9f71e8d4c44bae85d05422ab8247c97fab243994a006ab8033b9e51ef6c4748b

  • Size

    151KB

  • Sample

    240531-c1yfxacb3x

  • MD5

    6bc8d03685ce1edb7baa999e94f29921

  • SHA1

    0cb89dd9c2e3439c2f7d9ceca7cfb35586544862

  • SHA256

    9f71e8d4c44bae85d05422ab8247c97fab243994a006ab8033b9e51ef6c4748b

  • SHA512

    1923e51a390f1b2b933e98c05c6ca116756a988fc22efbaa3bb1ea141e17d1bf6794590d34f383e440f3c8b70d37694e65ab43de624f8ee3367a6609bed2e68b

  • SSDEEP

    3072:LUDBHy4BBy6eFJrmmIewRxM6JSQTqGd4Pwc3q:L0yB6oJrcRZQcqGywq

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Suspicious use of SetThreadContext
