General

  • Target

    f5758a4e44bf1730ec89073d5539dc3a1f67378159409a8d2ecc8261eee28fdb

  • Size

    899KB

  • Sample

    240624-xk7pvs1bpr

  • MD5

    34626fb341000cd35a9efd00bba7c439

  • SHA1

    c6c542fdd1a2ea8847d0348fe39278e1dac1a788

  • SHA256

    f5758a4e44bf1730ec89073d5539dc3a1f67378159409a8d2ecc8261eee28fdb

  • SHA512

    47322b96ad2f9adb336f277313a1f7f3b3ae77ffe4637e53d795554c19a1e3fa5795b2bccd8dd6e41c8c7392769d8081babcc7acd22ed981978e18c237213e59

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX3:7wqd87V3

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      f5758a4e44bf1730ec89073d5539dc3a1f67378159409a8d2ecc8261eee28fdb

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public, and it has been used by multiple Chinese groups.
