General

  • Target

    a10386e62ad4e91a86c164a0288564cf.exe

  • Size

    207KB

  • Sample

    230115-nmp36aaa6t

  • MD5

    a10386e62ad4e91a86c164a0288564cf

  • SHA1

    6135151cbb13013b07510bab11df7006d930f49f

  • SHA256

    259d03eb1abf679421dfaac9e04881e82385aeea11a168aecb25101d0e65070b

  • SHA512

    bbeec805e9882357758ab2271aa765b9628a986d0864b9a0f7967d1ba90fae45982b69db7deae2bfdef0ff0ed6720b6b688a9acdae2dcd1c445711ad0cc82d6b

  • SSDEEP

    3072:jXt5qNx67uPiuFbdMa59LT6dpN+VxuJdJMIsn/cU8xwHmapb:bqx67uPiunLT6IqPMxzzp

Targets

    • Target

      a10386e62ad4e91a86c164a0288564cf.exe

    • Detect rhadamanthys stealer shellcode

    • Detects Smokeloader packer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE
