Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_667a68ef27aa379594e12ed0bf683dec
-
Size
120KB
-
Sample
250311-v5q7hazzgy
-
MD5
667a68ef27aa379594e12ed0bf683dec
-
SHA1
674c5585b3776d7115929c193e577f7800ba781c
-
SHA256
fb82cd134dd9bc5fdf4e0d4102bfe26ed92201abac4288150036b57822062933
-
SHA512
da5b9a032733cbaf6e9999ed253e391e5511041596adaad5ec0a1be875778a4481804ca7db318909fd8c475352b91d60724c2e7a03071b6211e50a3761bd55d6
-
SSDEEP
3072:v/IgiWeBfubM324ZiriSPwAy7SXPdJAfo8eC9ezASwdSukI:v/IgiWmubMGuinYAiyYoHS3Swwm
Malware Config
Targets
-
-
Target
JaffaCakes118_667a68ef27aa379594e12ed0bf683dec
-
Size
120KB
-
MD5
667a68ef27aa379594e12ed0bf683dec
-
SHA1
674c5585b3776d7115929c193e577f7800ba781c
-
SHA256
fb82cd134dd9bc5fdf4e0d4102bfe26ed92201abac4288150036b57822062933
-
SHA512
da5b9a032733cbaf6e9999ed253e391e5511041596adaad5ec0a1be875778a4481804ca7db318909fd8c475352b91d60724c2e7a03071b6211e50a3761bd55d6
-
SSDEEP
3072:v/IgiWeBfubM324ZiriSPwAy7SXPdJAfo8eC9ezASwdSukI:v/IgiWmubMGuinYAiyYoHS3Swwm
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
Server Software Component: Terminal Services DLL
-
Deletes itself
-
Loads dropped DLL
-