Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

server.exe

windows7-x64

10

server.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_67e279c0b5b7dd5138f40bd2bbfa4940

  • Size

    163KB

  • Sample

    250311-3pxckszyey

  • MD5

    67e279c0b5b7dd5138f40bd2bbfa4940

  • SHA1

    bd353a4bfae2e621440e43141f8d6fddcf058498

  • SHA256

    4cdefc2870dcd761891d550d2abd069ee45e2b9e1e86da62461b73d4ea1579ff

  • SHA512

    ed548e263bd650ee532872a92156d5e96571ad8d3dbd23c5e800ac7a5e7a939d91a748e73df411e7c7d6f5ba46595af1ca429136ed2d47b1df09e8d471b00e02

  • SSDEEP

    3072:T+2L0VozPqT939epQ+M/DmrocTXoqInKiIurkWugYLmVvZ+:GozPo939efmDTMXoiRurDugXc

Score
10/10
gh0stratdiscoveryrat

Malware Config

Targets

    • Target

      server.dat

    • Size

      404KB

    • MD5

      b8d5dc52a958288386868eb242891ed5

    • SHA1

      d26e5926b7e9fc1187c5927bf88b6021ae88e9f4

    • SHA256

      afdf130aef3852fade6da64450931e3f96e85e9394e5c7949c4bd5dbf5f644fe

    • SHA512

      8ca6458aecd4a0593c0aed1f86fc4fa3090ba98416f31ad3aeb549fa9b3574cb5bd726d3d1c564e47587ba0a18135d05ab1695f17f707d42b5d0fc6978cda255

    • SSDEEP

      6144:4iTti+B0bL7tZA5gp3IBE94G7a4G7vWFta4G7vWFy8K:XPB0bdZAgNyIMvVvvH

    Score
    10/10
    gh0stratdiscoveryrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Gh0strat family

      gh0strat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks