Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a28fea64630c9be2bd9c0e4ecc8abe91_JaffaCakes118
-
Size
384KB
-
Sample
240817-pt98cawbld
-
MD5
a28fea64630c9be2bd9c0e4ecc8abe91
-
SHA1
777e5ffd98706cbdd9aa1d40f5ad34dc8df8e8dc
-
SHA256
b3f4143381141c86942012898ad26ee8b495d8567471bf8322259d9612c6b240
-
SHA512
9ce00dce9940876f92cefc20135c21ff0f948d5e605006c1b8754ddd3198fa710638fd32196434a9c1da79b2f5d9751249d839e2f32257920392ac5323273d99
-
SSDEEP
12288:KPdK4bgeK8VL5TKjb31wgxllhz7G60i2qvyOt:KPBjK8VlYb3P9FZ
Malware Config
Targets
-
-
Target
a28fea64630c9be2bd9c0e4ecc8abe91_JaffaCakes118
-
Size
384KB
-
MD5
a28fea64630c9be2bd9c0e4ecc8abe91
-
SHA1
777e5ffd98706cbdd9aa1d40f5ad34dc8df8e8dc
-
SHA256
b3f4143381141c86942012898ad26ee8b495d8567471bf8322259d9612c6b240
-
SHA512
9ce00dce9940876f92cefc20135c21ff0f948d5e605006c1b8754ddd3198fa710638fd32196434a9c1da79b2f5d9751249d839e2f32257920392ac5323273d99
-
SSDEEP
12288:KPdK4bgeK8VL5TKjb31wgxllhz7G60i2qvyOt:KPBjK8VlYb3P9FZ
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Executes dropped EXE
-
Adds Run key to start application
-