General

  • Target

    bc5f6c1748aa24163cbf570151b5d27a95762504d6cea8541c194e4a50286c1c

  • Size

    51KB

  • Sample

    240531-jlmt7abf61

  • MD5

    c4c3f3186078603069d4caf7fa7d883b

  • SHA1

    576038c6be87a32df2fcf4d4b1db76da1c3eeffb

  • SHA256

    bc5f6c1748aa24163cbf570151b5d27a95762504d6cea8541c194e4a50286c1c

  • SHA512

    d87084c3fa004fa7876cf7142af9520a0af749cf64ec363d7902f2b9f55dba5695dc2e6286f5d575e08d4c45d41f30974eb6df9364d1298c04a6ffd06065fb22

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLQJYH5:1dWubF3n9S91BF3fbokJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      bc5f6c1748aa24163cbf570151b5d27a95762504d6cea8541c194e4a50286c1c

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
