General

  • Target

    22e36e4bac2d78655a2d90690031b932fc968551ac4c74659a1e2152fc2cc91e

  • Size

    51KB

  • Sample

    240531-gbbm3agg71

  • MD5

    afc6ee54887675875e67519bd6ea8d10

  • SHA1

    737a7e73c55d4a31c5ffd11ba5b7f509b7b81fa4

  • SHA256

    22e36e4bac2d78655a2d90690031b932fc968551ac4c74659a1e2152fc2cc91e

  • SHA512

    a53616156b0cf6a9ecb1bb1881b17490ad74f6ade73050ded20f7413b5842095e080de98a2763fe99a7ed660ff8927f723471a891c8ae013d6e9fe33c15c4a67

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLSJYH5:1dWubF3n9S91BF3fboWJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
