Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0d28ccd84643ad4262c437bb93be0c5e3992014569395749c5bb45c6ac5f14fd
-
Size
2.9MB
-
Sample
230317-lsqwjafe69
-
MD5
3236f27e8efbc95db91ac93970ff60e1
-
SHA1
afcf28c6f1100c7f6c2da313a320a05c92282746
-
SHA256
0d28ccd84643ad4262c437bb93be0c5e3992014569395749c5bb45c6ac5f14fd
-
SHA512
55154ba9b5409a45cf9385caeb703df4198cf0de4442023203776d326ac1feb8199b2cbb2eaf09cdd22641204bf188ce183a1c25c59e76f0ba09cbec952cb4f5
-
SSDEEP
49152:LkagEh1VUeYVbcmpzf4Ej3TYLhHyYE74:LPgEhC
Static task
static1
Behavioral task
behavioral1
Sample
0d28ccd84643ad4262c437bb93be0c5e3992014569395749c5bb45c6ac5f14fd.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
0d28ccd84643ad4262c437bb93be0c5e3992014569395749c5bb45c6ac5f14fd
-
Size
2.9MB
-
MD5
3236f27e8efbc95db91ac93970ff60e1
-
SHA1
afcf28c6f1100c7f6c2da313a320a05c92282746
-
SHA256
0d28ccd84643ad4262c437bb93be0c5e3992014569395749c5bb45c6ac5f14fd
-
SHA512
55154ba9b5409a45cf9385caeb703df4198cf0de4442023203776d326ac1feb8199b2cbb2eaf09cdd22641204bf188ce183a1c25c59e76f0ba09cbec952cb4f5
-
SSDEEP
49152:LkagEh1VUeYVbcmpzf4Ej3TYLhHyYE74:LPgEhC
Score10/10-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-