Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a7867748594a9112317189ae39d6e49f8d41ded2aca102209c2a73a13a1126ee
-
Size
248KB
-
Sample
230205-z7navaec7t
-
MD5
dd70d6f65ac9130bad2fa6e1d212b8c1
-
SHA1
1efd5dbfe68f298292b3c74aa121dc1249bd7528
-
SHA256
a7867748594a9112317189ae39d6e49f8d41ded2aca102209c2a73a13a1126ee
-
SHA512
4a6771a0d400547d432ae461d5700307d3cee2e09377ac8f621a015f15c86e546f85b050700906a3a133d60b117968529bcfccc553afba754e10c769e9ceef78
-
SSDEEP
3072:FPP4OHwhsjezkNL959WwM95NueH39TBxLTEEIFBP1kuu5r:RP4cnj2GL/9PeX9lxLAEIFguu5
Malware Config
Targets
-
-
Target
a7867748594a9112317189ae39d6e49f8d41ded2aca102209c2a73a13a1126ee
-
Size
248KB
-
MD5
dd70d6f65ac9130bad2fa6e1d212b8c1
-
SHA1
1efd5dbfe68f298292b3c74aa121dc1249bd7528
-
SHA256
a7867748594a9112317189ae39d6e49f8d41ded2aca102209c2a73a13a1126ee
-
SHA512
4a6771a0d400547d432ae461d5700307d3cee2e09377ac8f621a015f15c86e546f85b050700906a3a133d60b117968529bcfccc553afba754e10c769e9ceef78
-
SSDEEP
3072:FPP4OHwhsjezkNL959WwM95NueH39TBxLTEEIFBP1kuu5r:RP4cnj2GL/9PeX9lxLAEIFguu5
Score10/10-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-