General

  • Target

    2be20ff5cace7f97accf3f1bf88de430fd125d7b4a00fb19dbdb908076363716

  • Size

    313KB

  • Sample

    230322-fysz7afa55

  • MD5

    fb64fc9632320a42e8f67e064cbf7625

  • SHA1

    c4c40801ec5aac916a5266f6878ae056a8f43faf

  • SHA256

    2be20ff5cace7f97accf3f1bf88de430fd125d7b4a00fb19dbdb908076363716

  • SHA512

    695378bfc1a8962dbcd8026c932f50067a6c761808f1e34be7a169e8cf283b93ca4f05b66ef70e304720de697cbb810b790f9aa31a2d58e417c4d577ba730ff3

  • SSDEEP

    6144:T5S++bGLgI/WIkz/AeGawCSVQIywvU/qKlY71f:9z+bGkI/UDxwtmIzM/

Malware Config

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks