General

  • Target

    56e21f4aed270318b4cb6f4245d1fb3d3dd40736b23f0ec92eabf20a5236b1c3

  • Size

    51KB

  • Sample

    240624-xgngtaxejc

  • MD5

    0a1b1ad0e30ff946e9f951fd889b81ec

  • SHA1

    4e71523b16acd1da7eb6b022f99ff9d447a1cc88

  • SHA256

    56e21f4aed270318b4cb6f4245d1fb3d3dd40736b23f0ec92eabf20a5236b1c3

  • SHA512

    fe63322271746f69bf7313869c2d8399ac57283f1a644c5e4cb73ad81975d64228c8353ac165f3e86d306382052ecabbc2735c458574cf4d7af9e08333fe67e5

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLBJYH5:1dWubF3n9S91BF3fbodJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      56e21f4aed270318b4cb6f4245d1fb3d3dd40736b23f0ec92eabf20a5236b1c3

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
