General

  • Target

    339f65bf19409df0333612ba86c4fa78fe29d98eab13cfde875fbbade807126b

  • Size

    51KB

  • Sample

    240624-xjempa1app

  • MD5

    f5a890d7a069b3e3e834cc0eabea596d

  • SHA1

    36637f1f10e1eaea8ad0d964cbba7010f4fa6455

  • SHA256

    339f65bf19409df0333612ba86c4fa78fe29d98eab13cfde875fbbade807126b

  • SHA512

    0b524a209e17d8b89b073f37ae7cc3b36a90f61077a41f625e14d73acb31d202f59a4fbfbb761b541600b6f3312744528fbb35876a5ea0ee2700f991846743e2

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL1JYH5:1dWubF3n9S91BF3fboBJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      339f65bf19409df0333612ba86c4fa78fe29d98eab13cfde875fbbade807126b

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
