General

  • Target

    645784b871d6a9eaefe9305a9b4a8fd6f8eb838740f58f737887608d2e84a9fc

  • Size

    270KB

  • Sample

    230311-phvnhshd98

  • MD5

    0f9694cdd6f6f21f5909880c955c2b74

  • SHA1

    d0a899e646be9991f5c9188af7a07956bacc4509

  • SHA256

    645784b871d6a9eaefe9305a9b4a8fd6f8eb838740f58f737887608d2e84a9fc

  • SHA512

    ccbc59ad7c4af074ba04ea57d422ab943d1fa3401116faa610268bc8223e0da899e7e4898cef4948bee9a0ea0e1933baa1bcc2333e54b84ef33537da4dcb2e60

  • SSDEEP

    6144:AqFIGhW+J6zoNaaOVJj9uMM5+6RUfQso:JiGT+oExksjfQs

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of NtSetInformationThreadHideFromDebugger
