General

  • Target

    caf8ba2684b4b0378cc4861e12bfcf677e79a49950efbca471b6cd7619d7d6dd

  • Size

    899KB

  • Sample

    240624-2p7mwayhlp

  • MD5

    34e9e3163bf2d3981c0b6d5148178d13

  • SHA1

    87a0563638e4a484e1884ca1eaba8ee62677380d

  • SHA256

    caf8ba2684b4b0378cc4861e12bfcf677e79a49950efbca471b6cd7619d7d6dd

  • SHA512

    742f6530e200a941fdccfda8aae37f9ffd2a397cfb674a537b7bb70d869f12df51c924d879708fab3104b61df21ccd53f661760c8091e243762763f64accc433

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXD:7wqd87VD

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
