General

  • Target

    4bdb91809e18671ab47333ff0d372802ce71687a0d009edf628d95246f31bed9

  • Size

    899KB

  • Sample

    240531-cy22bada98

  • MD5

    3d663530df450e454052a7e48c198126

  • SHA1

    18658b447879c5083f554d282772cc41bb3a5d19

  • SHA256

    4bdb91809e18671ab47333ff0d372802ce71687a0d009edf628d95246f31bed9

  • SHA512

    3d72f2a6478ddd8e0722f5a72816898dc3b86f26b8144bb5ac565dd86fc8a51e464eed2b2b3a43dacf91ca74dfeba3b9e81c1dd67d3a5ef7bb8fb1703544ee17

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXt:7wqd87Vt

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      4bdb91809e18671ab47333ff0d372802ce71687a0d009edf628d95246f31bed9

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
