Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4e1396b3d01363f49ffbfa3e3660b4102b6d20b24a9a0586689c359b5db50c2f

  • Size

    336KB

  • Sample

    230309-w3g2gsbc8t

  • MD5

    bd6cd7531897cfaaabb683823f6e9b6b

  • SHA1

    7f97fc52b845c118c9116f5e48d8bc82027dcd24

  • SHA256

    4e1396b3d01363f49ffbfa3e3660b4102b6d20b24a9a0586689c359b5db50c2f

  • SHA512

    f0a11a5ea0305c7c2fbd0721ae00594be846d9244d138d0a68907975a737d0d7b21e3f4a4f4ec42ce0d9186aba8d301887a8d5a0e8e265551ff5d4a382735da0

  • SSDEEP

    6144:6L9dnx5Tu1AWSGesHrRmJDn8bU8kN/Rw54xV:65dnbTu2RUmB8bU8klRw5

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      4e1396b3d01363f49ffbfa3e3660b4102b6d20b24a9a0586689c359b5db50c2f

    • Size

      336KB

    • MD5

      bd6cd7531897cfaaabb683823f6e9b6b

    • SHA1

      7f97fc52b845c118c9116f5e48d8bc82027dcd24

    • SHA256

      4e1396b3d01363f49ffbfa3e3660b4102b6d20b24a9a0586689c359b5db50c2f

    • SHA512

      f0a11a5ea0305c7c2fbd0721ae00594be846d9244d138d0a68907975a737d0d7b21e3f4a4f4ec42ce0d9186aba8d301887a8d5a0e8e265551ff5d4a382735da0

    • SSDEEP

      6144:6L9dnx5Tu1AWSGesHrRmJDn8bU8kN/Rw54xV:65dnbTu2RUmB8bU8klRw5

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks