Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b59de95cea29b574e294bf41230e9668_JaffaCakes118
-
Size
60KB
-
Sample
240822-anhhtasdmr
-
MD5
b59de95cea29b574e294bf41230e9668
-
SHA1
6390436697decfba609ce93e172490de4a587e4f
-
SHA256
ae8a58019e1f2afda2500872c3662456da61692bf824366b2766ec5c0c45f191
-
SHA512
d16e56d2f042455a657270488050fb62ee22257520942abc7613000a3925db1bcc12eb931b1fa7dcf32a9f83ef63fe4741fa29dd5707e7140ce8510d7f3a2fc2
-
SSDEEP
1536:CI6sJ1S0xnBTySc2c4WId1sNRl3tFvVz9r5HMF:CZh0xBTyPkSJlr5Hs
Malware Config
Targets
-
-
Target
b59de95cea29b574e294bf41230e9668_JaffaCakes118
-
Size
60KB
-
MD5
b59de95cea29b574e294bf41230e9668
-
SHA1
6390436697decfba609ce93e172490de4a587e4f
-
SHA256
ae8a58019e1f2afda2500872c3662456da61692bf824366b2766ec5c0c45f191
-
SHA512
d16e56d2f042455a657270488050fb62ee22257520942abc7613000a3925db1bcc12eb931b1fa7dcf32a9f83ef63fe4741fa29dd5707e7140ce8510d7f3a2fc2
-
SSDEEP
1536:CI6sJ1S0xnBTySc2c4WId1sNRl3tFvVz9r5HMF:CZh0xBTyPkSJlr5Hs
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Event Triggered Execution: AppCert DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppCert DLLs loaded into processes.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-