General

  • Target

    f89ba979f9d7ce060931e1fa4687f1ef8727540b825e26b6c4d40e1668636f74

  • Size

    899KB

  • Sample

    240531-jj1chacc88

  • MD5

    415d80bcdc5589fe053548cc63d6b66b

  • SHA1

    76dabed2390384702766a7a3f50a87071226abf9

  • SHA256

    f89ba979f9d7ce060931e1fa4687f1ef8727540b825e26b6c4d40e1668636f74

  • SHA512

    27c4523ee36b462e2ddd5455bc3c7dbe172cb8dcd756cf2366738e55d28b8d317e0fc66bd1d473cc9e67aeed73bd5a15b58a72f6817605e672c3b168a141689c

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX4:7wqd87V4

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
