General
Target: 5defa0c8229861e1998918858bdf68f669aa45ceefd16525087602ca94eb4eab
Size: 237KB
Sample: 230215-eystraab28
MD5: 04a1bb3349adfdfbbe943caf67d25628
SHA1: d633cb2f41a7765af4079457ebca79ec6be242bf
SHA256: 5defa0c8229861e1998918858bdf68f669aa45ceefd16525087602ca94eb4eab
SHA512: eefca43736a99c212b6906aa1131f6c37f6b3e87cc26c04fcf43fa657cf9eb50b1efce2536b510c8caabcd9368f88bf41af5e21e062f828ca0ed4bf07367afda
SSDEEP: 3072:T4Nr4jLlA2gn5aebkFp6KUZcSBFld+daN1pkSigheqwl5+p8+4j7NBts+n78k3:XLlpgwzp6vZFJgSigsl5J7syh
Static task: static1
Behavioral task: behavioral1
Sample: 5defa0c8229861e1998918858bdf68f669aa45ceefd16525087602ca94eb4eab.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 5defa0c8229861e1998918858bdf68f669aa45ceefd16525087602ca94eb4eab
Score: 10/10
- Detect rhadamanthys stealer shellcode
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
- Blocklisted process makes network request
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.