General

  • Target

    d95975238efc778e05ef7ac3426e36d0adf9939788d4d20cf6f8a8a09f12e384

  • Size

    51KB

  • Sample

    240531-jbjpsabb8t

  • MD5

    e38915dfb5b5cce7363ebe3dcf958435

  • SHA1

    8512ae96947a9fd585934f3055d144847ec434be

  • SHA256

    d95975238efc778e05ef7ac3426e36d0adf9939788d4d20cf6f8a8a09f12e384

  • SHA512

    d07f7649c9697b9983ec3c6d04cde8f0e56a030d485b31b41a0f0aa271b4d86a862200d1f7be11ea06e64057e66cec807064be3b1cec3cf93f1da3752021c089

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLyJYH5:1dWubF3n9S91BF3fboeJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
