General

  • Target

    410b0079fc49270588d6dd3c3d22b9b5c2785e7fad8c1f430ea705e4bd801c00

  • Size

    899KB

  • Sample

    240624-xew16sxcre

  • MD5

    dd690d7444c8628b1e9ea0ebfd81c516

  • SHA1

    31d357f0c3c1ae4b056c9fcd10f53f2aebdc7f21

  • SHA256

    410b0079fc49270588d6dd3c3d22b9b5c2785e7fad8c1f430ea705e4bd801c00

  • SHA512

    6106098ff773beaaecc107d3c594fad3ebad621d1bc50207b56375181e80c186603c87f405119bdef92c3517ec08d00e8035d0d1fc0056ca2bc27519affee494

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXE:7wqd87VE

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      410b0079fc49270588d6dd3c3d22b9b5c2785e7fad8c1f430ea705e4bd801c00

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
