General

  • Target

    3bb7cb40f283790a51e9ddfa3c1db70069f4442ca0f14d549051e1742c4d4fed

  • Size

    899KB

  • Sample

    240531-d19dvade8v

  • MD5

    ff9ba5dd2c810f447a00254f6be21b59

  • SHA1

    53be6d8dae9d29e0e38ec0b42fd3b07acba16746

  • SHA256

    3bb7cb40f283790a51e9ddfa3c1db70069f4442ca0f14d549051e1742c4d4fed

  • SHA512

    8bca42877692b8353c0a0b3600ff5203741c5f224e943f69ec641a8d7c0da077499f48428d06c70fb256dbb5d95e946585b7114b21160cfdf86bd9a0d8ac7a6d

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX7:7wqd87V7

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
