General

  • Target

    743a53f1c566d7f896da5ae15dd7d618d6d41be28a70a3a2b67497f75c47c5dc

  • Size

    51KB

  • Sample

    240531-jk812abf5t

  • MD5

    1e9140b6852c637952bdec35cc5747b4

  • SHA1

    c12438d60fef0f9a4fb53ccdbf309ef81662ba32

  • SHA256

    743a53f1c566d7f896da5ae15dd7d618d6d41be28a70a3a2b67497f75c47c5dc

  • SHA512

    a65c3a8e153b50270cf7dc5bf6d02c9d419d51cdcdba4dde3cfed3b08a85bdce81c08178dfbc70677236dc19bcdc8909ecfe9519a5ec31f34ea8ebef749f8862

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fborJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      743a53f1c566d7f896da5ae15dd7d618d6d41be28a70a3a2b67497f75c47c5dc

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
