General

  • Target

    8994da801ad6878d757b8e249f8f6ec935eb6e805e75e45ea82efe1581bb3b68

  • Size

    899KB

  • Sample

    240624-xmzf9s1cml

  • MD5

    f8f960f99d9c7a2a0cc3c30b43f34abd

  • SHA1

    f3a91aa0816c8ba1795a9c21db95b189b32b02a0

  • SHA256

    8994da801ad6878d757b8e249f8f6ec935eb6e805e75e45ea82efe1581bb3b68

  • SHA512

    f2ef9118e4fe6e51b335e995b423d38a6d937b11a5d2e78cf0ba709213fb4d39b041f2ca8fe852087f9c0988d18da0bcf5d1e319c44e069ee39a4a19799f764a

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXD:7wqd87VD

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
