General

  • Target

    31772c68ee17c7418b662360c0c1878ab425053fbee7855d7427af40275dbebc

  • Size

    250KB

  • Sample

    230320-q3phnsfg6s

  • MD5

    1b3c1aaec67d86d628ef83a565c77915

  • SHA1

    33f3d77623834c7c9bef8680df57810cb491e40b

  • SHA256

    31772c68ee17c7418b662360c0c1878ab425053fbee7855d7427af40275dbebc

  • SHA512

    99450c474b964208f9f5b5364981e9118e180f191b21d9d62d161f72207bccdca9c19b7ee8fafef6b2f2ab6bcae45471344c05c6733363b7c5ecaa21b415ed69

  • SSDEEP

    3072:jhlKDLfIO91NbcLOn6zK9scN3/UD2EoXAE8VZvViOGJ0Ivkg6OegyBrMwTZv:/8Lw9I6WecN3/UF40ZvCJ02R6uir9

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of NtSetInformationThreadHideFromDebugger
