General

  • Target

    0c845d8c29257e00f00c50081af913eb89e3c717f15f44d4c26e2d536a03fd63

  • Size

    51KB

  • Sample

    240624-xk8bdsxfrf

  • MD5

    d822313be103320529a1165003bcf694

  • SHA1

    70e677919cb8af3cf1944aaa27c508f3f393342e

  • SHA256

    0c845d8c29257e00f00c50081af913eb89e3c717f15f44d4c26e2d536a03fd63

  • SHA512

    9ffb7e92859f146086f8f6dbacc77ffc38b57374f3ffc545fce6607893f3bd1d9062be2eae9c23ba30ce7049e472c0a3bd934adc7a2b60dada2c936d533d0f3f

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL7JYH5:1dWubF3n9S91BF3fboHJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      0c845d8c29257e00f00c50081af913eb89e3c717f15f44d4c26e2d536a03fd63

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
