Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    50DDA13D14250B929DA6D55BD8A98E06.dll

  • Size

    14.4MB

  • Sample

    240531-db6awsce9x

  • MD5

    50dda13d14250b929da6d55bd8a98e06

  • SHA1

    f863b456284f9f2a7581cef7dc89fc5d4ffe5524

  • SHA256

    ce5dc079d2f3ca70b8616da4157df37dc48582acf6df273c9fa12a98e2028319

  • SHA512

    83f2578ae8a783cdcf2ba7e95e06bb264f321780ee2b78ed202b61e343f0fb4499ad0a15a7eb3eba62a3e30ee661ee5f91ee565d7bd4ea29ba93fc876e28a4fb

  • SSDEEP

    24576:yIb3+rvVSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSE:Sv

Score
10/10

Malware Config

Targets

    • Target

      50DDA13D14250B929DA6D55BD8A98E06.dll

    • Size

      14.4MB

    • MD5

      50dda13d14250b929da6d55bd8a98e06

    • SHA1

      f863b456284f9f2a7581cef7dc89fc5d4ffe5524

    • SHA256

      ce5dc079d2f3ca70b8616da4157df37dc48582acf6df273c9fa12a98e2028319

    • SHA512

      83f2578ae8a783cdcf2ba7e95e06bb264f321780ee2b78ed202b61e343f0fb4499ad0a15a7eb3eba62a3e30ee661ee5f91ee565d7bd4ea29ba93fc876e28a4fb

    • SSDEEP

      24576:yIb3+rvVSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSQSE:Sv

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks