General

  • Target

    6334e7eae17935ebe9297b9f7eb3049f56fa8d120e4e2bd64863b061f1e73894

  • Size

    305KB

  • Sample

    230330-2spw8sgd9y

  • MD5

    4499d37024680616fa1e6302f0a18e0d

  • SHA1

    5526c8fb7c0331c1e4c4e75b8b96f5d7b0484391

  • SHA256

    6334e7eae17935ebe9297b9f7eb3049f56fa8d120e4e2bd64863b061f1e73894

  • SHA512

    f90d68595cc09dce88c1f7e8380b14127ae2d99a2c2583c085e758509d00b996ee2934a8dedf3581f1b2df695b33ef61d786da6b94a6875d9b3f9c339a70f5d9

  • SSDEEP

    6144:WQkTiymvSz078AoK6YRXJpbHV/gzKhexf:ZkTFmvSzaLD6YpJ1Voug

Malware Config

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of NtSetInformationThreadHideFromDebugger
