General

  • Target

    fcd13b20dda03a278efa6f03cb77a17eb730a9204ee9d8e5289ce03f78d49589

  • Size

    51KB

  • Sample

    240624-2tqvxsweqh

  • MD5

    8cededa263a0aac4ceea66a2799b83c3

  • SHA1

    c1d6da42d7edfd415dbcc8393fa36f412a4b692f

  • SHA256

    fcd13b20dda03a278efa6f03cb77a17eb730a9204ee9d8e5289ce03f78d49589

  • SHA512

    8d1f6fa5460ba9aa578a760ceb67757aaa00d01041fbb05f1309f736c0bddc3d2089fafac018ee69a4cdeafbc7d3e88b0c84b9abc0fa94b212b1e9168f73314f

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLbJYH5:1dWubF3n9S91BF3fboHJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      fcd13b20dda03a278efa6f03cb77a17eb730a9204ee9d8e5289ce03f78d49589

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
