General

  • Target

    8bfc8a260f8a53c5be413af7492305956524ff055f730fdeb363fe69f35f73ba

  • Size

    51KB

  • Sample

    240624-xk8xxs1bql

  • MD5

    7fc76f968a518c7d332bef7dc72c5e16

  • SHA1

    eb7e81a81252cad68d9dfe4ed3901114eee9d316

  • SHA256

    8bfc8a260f8a53c5be413af7492305956524ff055f730fdeb363fe69f35f73ba

  • SHA512

    31c2c6c4fcbb4bb103d1693c990c458758b5d7cd0d936211a43cc5116a9ed38b770b8d942b9cc15035db0c3cb1a3a9bcd1c12241b12c3af2d6dec02da506e735

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL3JYH5:1dWubF3n9S91BF3fboLJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      8bfc8a260f8a53c5be413af7492305956524ff055f730fdeb363fe69f35f73ba

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
