General

  • Target

    3aec0e7e0c868302833de6217d36923248b0c657127ce046cb903a939c16c06f

  • Size

    51KB

  • Sample

    240624-2p7b4swdjc

  • MD5

    5cea399180505b6a102d5f92918e35a0

  • SHA1

    f02ff667cf0004630a74919a0d4401ebd129aad7

  • SHA256

    3aec0e7e0c868302833de6217d36923248b0c657127ce046cb903a939c16c06f

  • SHA512

    71b9494a1a4d4330be7a9f9f9d40bd51c7904c4fae6eac92d0c778e7eecf4227784bfc1d95375c268ddfe1c1b60de3825b7a712b4f943c6bd0b57e03579bd9f7

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL4JYH5:1dWubF3n9S91BF3fbo8JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
