General

  • Target

    c694b7e715427dbbb68159af4fe5e12495279e4dfcddfb35e187c4744372160b

  • Size

    51KB

  • Sample

    240624-2tqvxszblm

  • MD5

    95bcd1084798c0afd37292757c765773

  • SHA1

    f237c67fe632e98c5e9d2ad45c75439e022b45fd

  • SHA256

    c694b7e715427dbbb68159af4fe5e12495279e4dfcddfb35e187c4744372160b

  • SHA512

    f8bf3f64b632a680501eaa46212d6a111967ad1e55d1e8b02454c0dc58a2661f338afd2c3b50ecf52e01cfb5da58124b35c209efa59e87bccced42d1d7b50922

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fbobJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      c694b7e715427dbbb68159af4fe5e12495279e4dfcddfb35e187c4744372160b

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
