General
Target: ca365b3c66fc9ba02f6cc379ada50016e7ad2e5f7476f1370fead234520e0800
Size: 1.9MB
Sample: 230307-r5ea6aae26
MD5: dec2afbe8895a0956428a542661f83ab
SHA1: 3117c05aff94de1454cc2875dbfb788482e9187c
SHA256: ca365b3c66fc9ba02f6cc379ada50016e7ad2e5f7476f1370fead234520e0800
SHA512: 38f376818c20773cc5aff7c985633482b8fd602d0007eb5ffd30804b824dd7667d9274f3fd632b045c4ebaf378afdf582c26ddb55ceb5b5afc3c9ac54a3d2658
SSDEEP: 24576:SFEVVlT/r1HK5dd1NUGGwsKZmd2RWtc6fOhS+CwCcc9mgQfvHJs9RJ:Dj1cmN6R25+EpJv
Static task: static1
Behavioral task: behavioral1
Sample: ca365b3c66fc9ba02f6cc379ada50016e7ad2e5f7476f1370fead234520e0800.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Score: 10/10

Detect rhadamanthys stealer shellcode

Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of SetThreadContext