General

  • Target

    7cd32dd4ea5e1d54a0c8ff0b4a64fa47371ddb7b9a5a34e5968464310d7fb485

  • Size

    51KB

  • Sample

    240531-d5m2eaeh32

  • MD5

    0ccfd23e50a63bd8dd93e00d391bf4fd

  • SHA1

    69e68e9ce60ad843713e162a242f84cf84829231

  • SHA256

    7cd32dd4ea5e1d54a0c8ff0b4a64fa47371ddb7b9a5a34e5968464310d7fb485

  • SHA512

    845add8780d06db5a67e7bf7989daa494be2d1c0424f2766b1a823cba3cbe3725416fbdb786332c7de9184498cdb7bad489d0843a22de0f639a90edeb516295a

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLJJYH5:1dWubF3n9S91BF3fboNJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      7cd32dd4ea5e1d54a0c8ff0b4a64fa47371ddb7b9a5a34e5968464310d7fb485

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
