General

  • Target

    2a47c2d84f330efa04265b34e7dc1fd149954c5f1110c6896414f313b7ce17a2

  • Size

    371KB

  • Sample

    230315-qsbh3adc72

  • MD5

    bf824b7e427ecdd9e48e9585e5320585

  • SHA1

    b06f93a8c18a5c74357787a7a4159606f1abf6f6

  • SHA256

    2a47c2d84f330efa04265b34e7dc1fd149954c5f1110c6896414f313b7ce17a2

  • SHA512

    daae842378c6bbe624423758201dcc6bf7e5466e61f47716345b4694329ace011c923175e5d253ae9858a801b6ea906ce95b33bbd06d6c6ad4e584940f1d678f

  • SSDEEP

    6144:b5KLjqVWr6/gajtgBB3Q7XghWiT3DH0J:bg/qMoLRgBB3Q7hi

Score
10/10

Malware Config

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
