Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

93d8f9f9ee...d5.dll

windows7-x64

10

93d8f9f9ee...d5.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    93d8f9f9ee34a243f2e5e878d503c779bb47c760ec18b8d42b6e75a517c4b4d5

  • Size

    50KB

  • Sample

    240627-2cfnmavarc

  • MD5

    b01c323b4a056b99be72377e616606f9

  • SHA1

    787c0c00d9b03636561af8f4697854433793e855

  • SHA256

    93d8f9f9ee34a243f2e5e878d503c779bb47c760ec18b8d42b6e75a517c4b4d5

  • SHA512

    e4917556a04252a744257e084af2f75bca6e7bcdc2c7603109bde745f4aaac5d251b29a56f0fb298839bbe517632b281554f7cf2f9c4c63e248644ea4295a2b8

  • SSDEEP

    1536:WD1N4TeeWMWfPbp2WTrW9L3JPPgJ+o5/JYH:W5ReWjTrW9rNPgYoFJYH

Score
10/10
gh0stratrat

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      93d8f9f9ee34a243f2e5e878d503c779bb47c760ec18b8d42b6e75a517c4b4d5

    • Size

      50KB

    • MD5

      b01c323b4a056b99be72377e616606f9

    • SHA1

      787c0c00d9b03636561af8f4697854433793e855

    • SHA256

      93d8f9f9ee34a243f2e5e878d503c779bb47c760ec18b8d42b6e75a517c4b4d5

    • SHA512

      e4917556a04252a744257e084af2f75bca6e7bcdc2c7603109bde745f4aaac5d251b29a56f0fb298839bbe517632b281554f7cf2f9c4c63e248644ea4295a2b8

    • SSDEEP

      1536:WD1N4TeeWMWfPbp2WTrW9L3JPPgJ+o5/JYH:W5ReWjTrW9rNPgYoFJYH

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks