Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

ghost-1.0.4.zip

windows11-21h2-x64

1

ghost-1.0....ORS.md

windows11-21h2-x64

3

ghost-1.0....LOG.md

windows11-21h2-x64

3

ghost-1.0.4/LICENSE

windows11-21h2-x64

1

ghost-1.0.4/README.md

windows11-21h2-x64

3

ghost-1.0....st.dll

windows11-21h2-x64

3

ghost-1.0....st.exp

windows11-21h2-x64

3

ghost-1.0....st.lib

windows11-21h2-x64

3

ghost-1.0....st.dll

windows11-21h2-x64

3

ghost-1.0....st.exp

windows11-21h2-x64

3

ghost-1.0....st.lib

windows11-21h2-x64

3

ghost-1.0....t.html

windows11-21h2-x64

3

ghost-1.0....on.ico

windows11-21h2-x64

3

ghost-1.0....et.exe

windows11-21h2-x64

3

ghost-1.0....rypt.h

windows11-21h2-x64

3

ghost-1.0....fo.cpp

windows11-21h2-x64

3

ghost-1.0....ib.cpp

windows11-21h2-x64

3

ghost-1.0....tlib.h

windows11-21h2-x64

3

ghost-1.0....urce.h

windows11-21h2-x64

3

ghost-1.0....fo.cpp

windows11-21h2-x64

3

ghost-1.0....er.cpp

windows11-21h2-x64

3

ghost-1.0....ader.h

windows11-21h2-x64

3

ghost-1.0....acks.h

windows11-21h2-x64

3

ghost-1.0....nfig.h

windows11-21h2-x64

3

ghost-1.0....sole.h

windows11-21h2-x64

3

ghost-1.0..../gui.h

windows11-21h2-x64

3

ghost-1.0....info.h

windows11-21h2-x64

3

ghost-1.0....ni.cpp

windows11-21h2-x64

3

ghost-1.0..../ini.h

windows11-21h2-x64

3

ghost-1.0....urce.h

windows11-21h2-x64

3

ghost-1.0....er.cpp

windows11-21h2-x64

3

ghost-1.0....fo.cpp

windows11-21h2-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    05/09/2024, 09:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ghost-1.0.4/_resources/wget.exe

  • Size

    2.9MB

  • MD5

    78c1d46f19ef98dc760e7c40f14ee242

  • SHA1

    8dd503566d4c6b2d4bb9c41af2605b986596a15b

  • SHA256

    aa246768b4ce197c1d0945e233975c23acd08b84170cc6581e17cdfd771c0cb3

  • SHA512

    0e9df5420b2fecef210c83b5fdcb0d7f597e89073e848221788c203b357a182b9b72dcbc3e20a256f14ca37a51bce3cb1a9f935d62bb5adb08183d7dd3f56543

  • SSDEEP

    49152:O84bklvgA17OhXwlxg4g/BPWOo4uVxYcVtoYpI7Z/LQTd1lmHy/piSo6xRNMnEwl:O9bklvgA17Iwlxg4g/BPWOo4uVxYcVt+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\ghost-1.0.4\_resources\wget.exe
    "C:\Users\Admin\AppData\Local\Temp\ghost-1.0.4\_resources\wget.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2100-0-0x0000000000400000-0x00000000006F1000-memory.dmp

    Filesize

    2.9MB

    Download