888rat | e1d963b95b58056f2bc2ccddad4482df16c8a147f8a2bcbcc104d672fe104886 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

Windows 7 ...8.vmdk

windows7-x64

4

Windows 7 ...8.vmdk

windows10-2004-x64

3

Sharing

General

Target

Windows 7 x64-000008.vmdk
Size

387.1MB
Sample

240622-vn7sxswape
MD5

3a620b8bf0012bb9903129b83ea86bd2
SHA1

e4ec9d6fcdcca77ff5dbb0c8e5983da73788a9a2
SHA256

e1d963b95b58056f2bc2ccddad4482df16c8a147f8a2bcbcc104d672fe104886
SHA512

21275ffad6c86c8bb68bac19ab7ed9e0b3653d479a9ebd775bf2efa04e9799ec8a8fc4a59cb0c63fd796dfe754ed2387fd152bb984aa30d5fccaa6b24b64c2ee
SSDEEP

3145728:tDFaInFN9a31Cs/rJdmcrfKJd8vxdOxzZIV5VUnXAY:LzsR/rJdvQd8vXMZIzynF

Score

10^/10

888rat ardamax goldbackdoor guloader m00nd3v_logger matiex metasploit netfilter snakekeylogger sunburst xmrig agilenet backdoor guloader infostealer link miner pdf

Static task

static1

agilenet guloader infostealer miner pdf link backdoor 888rat goldbackdoor guloader m00nd3v_logger matiex netfilter snakekeylogger xmrig ardamax sunburst metasploit

25 signatures

Behavioral task

behavioral1

Sample

Windows 7 x64-000008.vmdk

Resource

win7-20240611-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

Windows 7 x64-000008.vmdk

Resource

win10v2004-20240611-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  Windows 7 x64-000008.vmdk
- Size
  
  387.1MB
- MD5
  
  3a620b8bf0012bb9903129b83ea86bd2
- SHA1
  
  e4ec9d6fcdcca77ff5dbb0c8e5983da73788a9a2
- SHA256
  
  e1d963b95b58056f2bc2ccddad4482df16c8a147f8a2bcbcc104d672fe104886
- SHA512
  
  21275ffad6c86c8bb68bac19ab7ed9e0b3653d479a9ebd775bf2efa04e9799ec8a8fc4a59cb0c63fd796dfe754ed2387fd152bb984aa30d5fccaa6b24b64c2ee
- SSDEEP
  
  3145728:tDFaInFN9a31Cs/rJdmcrfKJd8vxdOxzZIV5VUnXAY:LzsR/rJdvQd8vXMZIzynF
Score

4^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

agilenetguloaderinfostealerminerpdflinkbackdoor888ratgoldbackdoorguloaderm00nd3v_loggermatiexnetfiltersnakekeyloggerxmrigardamaxsunburstmetasploit

behavioral1

behavioral2

© 2018-2025

Terms | Privacy