General

  • Target

    e6130a5733ec59a330acfd6e66bfa22f52e5e327a5c5a324a8f2e55c49d8c36f

  • Size

    899KB

  • Sample

    240624-2newgaygmm

  • MD5

    ca4fc68df10f4eb658e38e34e99f5018

  • SHA1

    340e5b82d45be37839aad19d71bbf49edd26a7e7

  • SHA256

    e6130a5733ec59a330acfd6e66bfa22f52e5e327a5c5a324a8f2e55c49d8c36f

  • SHA512

    47ec4b7a3a63e5094e2ea744248eca4bb5755df98b1b71d9d94ca094712a4ae8c9f5171a7f753aca1e063ba42467009f2d461f2e5f0a5d96503935fe6143a43b

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXq:7wqd87Vq

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      e6130a5733ec59a330acfd6e66bfa22f52e5e327a5c5a324a8f2e55c49d8c36f

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
