General

  • Target

    c7fa6fd2056a8c4d8a467189b23987b99f3a5fcde160f7e3b5b84a5851b3ed45

  • Size

    51KB

  • Sample

    240531-hblnpsaa6y

  • MD5

    e833de414e0ef5222872737679917bc4

  • SHA1

    13f47b35aaf59427acbc9f3ac5c973aa84e74a40

  • SHA256

    c7fa6fd2056a8c4d8a467189b23987b99f3a5fcde160f7e3b5b84a5851b3ed45

  • SHA512

    e4337e2d5c67e1771a7d10677add601b90a30d34205d4fbbd348190f67776325762a655c1064e3a33c12044ae13d96f783bc28edba2194fe24f80abe8edd8b50

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLnJYH5:1dWubF3n9S91BF3fbo7JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      c7fa6fd2056a8c4d8a467189b23987b99f3a5fcde160f7e3b5b84a5851b3ed45

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
