General

  • Target

    3300cc6e12bfeebc3a27dcee8f710c2d8daf9826495a7dc290f7c86aa31986a9

  • Size

    51KB

  • Sample

    240624-xjebxs1apn

  • MD5

    6db0124dd36b8fdf57977622bafd05cd

  • SHA1

    cdcfabba7ef08ae50e615ccede88c70d840cd6bc

  • SHA256

    3300cc6e12bfeebc3a27dcee8f710c2d8daf9826495a7dc290f7c86aa31986a9

  • SHA512

    32a5358a5ba3e1cc5ceb373e30f1473b7642caf904de87d535894e3a6f87d3ebdd04d8d239d53991f78ed29ad34ca5c4d449d4a5a992247fc821f4be1211f6ba

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLkJYH5:1dWubF3n9S91BF3fboYJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      3300cc6e12bfeebc3a27dcee8f710c2d8daf9826495a7dc290f7c86aa31986a9

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
