
General

  • Target

    4099b352c15d6191c8d98a823c9b95b58baa2bc1c308f06e6697562cd21c339f

  • Size

    312KB

  • Sample

    230330-b4degacb9z

  • MD5

    497cfa2431d03c06f6a60fa55d587dbc

  • SHA1

    0b572da520699d7514b0f18edd20cd2d06d03238

  • SHA256

    4099b352c15d6191c8d98a823c9b95b58baa2bc1c308f06e6697562cd21c339f

  • SHA512

    75894723e76cae897ac51b87e6c25f83d2c677dabc0aacaf9d95f429e7e5d2820d40de3af9793f898ebe5303c7b8ee1cc45a9b8882c048b187e75f8f293aa645

  • SSDEEP

    6144:REolVJf1L+w2BSMz/rVAEG06a+ZYpxkS:RXVJdSw2oMz/Onr8

Malware Config

Targets

    • Target

      4099b352c15d6191c8d98a823c9b95b58baa2bc1c308f06e6697562cd21c339f

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

      Outlook keeps its MAPI profiles (account configuration) under HKCU\Software\Microsoft\Office\<version>\Outlook\Profiles, with the legacy location under HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles. Reading these keys is typical harvesting behaviour for an info stealer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      The sample calls NtSetInformationThread with ThreadInformationClass ThreadHideFromDebugger (0x11), which stops the calling thread from delivering debug events to an attached debugger. This is a common anti-analysis technique: the thread keeps running under a debugger, but breakpoints and exceptions in it are no longer reported.
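The two behavioural signatures above, expressed as detection logic that replays over a sandbox API-call trace. This is an added example, not tria.ge's own signature code: the trace layout (a list of dicts with `api` and `args` keys), the `REGISTRY_APIS` set and the trace contents are assumptions constructed for the example; the ThreadHideFromDebugger class value 0x11 and the two Outlook profile registry paths are real.

```python
"""Replay of two behavioural signatures over a constructed API-call trace."""
import re

# ThreadInformationClass value for ThreadHideFromDebugger (THREADINFOCLASS 0x11).
# A thread set this way no longer delivers debug events to an attached debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Registry locations that hold Outlook MAPI profiles: the per-version Office key
# (Outlook 2013 and later) and the legacy Windows Messaging Subsystem key.
OUTLOOK_PROFILE_KEYS = [
    re.compile(r"(?:^|\\)Software\\Microsoft\\Office\\\d+\.\d+\\Outlook\\Profiles", re.I),
    re.compile(r"(?:^|\\)Software\\Microsoft\\Windows NT\\CurrentVersion\\"
               r"Windows Messaging Subsystem\\Profiles", re.I),
]

# Assumed set of APIs the hypothetical tracer logs for registry access.
REGISTRY_APIS = {"RegOpenKeyExA", "RegOpenKeyExW", "RegQueryValueExW",
                 "RegEnumKeyExW", "NtOpenKey", "NtQueryValueKey"}


def registry_path(call):
    """Reconstruct the key path an API call touched.

    Native Nt* calls carry a full object path; Win32 Reg* calls split it into a
    root handle name and a subkey. Trace layout is the assumed one from the lead-in.
    """
    args = call["args"]
    if "ObjectName" in args:
        return args["ObjectName"]
    return "\\".join(p for p in (args.get("hKey"), args.get("lpSubKey")) if p)


def hides_from_debugger(call):
    """Signature 1: NtSetInformationThread(..., ThreadHideFromDebugger, NULL, 0)."""
    return (call["api"] == "NtSetInformationThread"
            and call["args"].get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER)


def accesses_outlook_profiles(call):
    """Signature 2: any registry API opening or reading an Outlook profile key."""
    if call["api"] not in REGISTRY_APIS:
        return False
    path = registry_path(call)
    return any(rx.search(path) for rx in OUTLOOK_PROFILE_KEYS)


SIGNATURES = [
    ("Suspicious use of NtSetInformationThreadHideFromDebugger", hides_from_debugger),
    ("Accesses Microsoft Outlook profiles", accesses_outlook_profiles),
]


def run_signatures(trace):
    """Return {signature name: [indices of matching calls]} for signatures that fired."""
    hits = {}
    for idx, call in enumerate(trace):
        for name, predicate in SIGNATURES:
            if predicate(call):
                hits.setdefault(name, []).append(idx)
    return hits


# Constructed trace (not from the report): one anti-debug call, two Outlook
# profile lookups, and two benign calls that must not fire anything.
TRACE = [
    {"api": "NtSetInformationThread",
     "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": 0x11,
              "ThreadInformation": 0, "ThreadInformationLength": 0}},
    {"api": "RegOpenKeyExW",
     "args": {"hKey": "HKEY_CURRENT_USER",
              "lpSubKey": r"Software\Microsoft\Office\16.0\Outlook\Profiles"}},
    {"api": "RegOpenKeyExW",
     "args": {"hKey": "HKEY_CURRENT_USER",
              "lpSubKey": r"Software\Microsoft\Windows\CurrentVersion\Run"}},
    {"api": "NtSetInformationThread",  # ThreadPriority (2): benign, must not match
     "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": 0x02,
              "ThreadInformation": 2, "ThreadInformationLength": 4}},
    {"api": "NtOpenKey",
     "args": {"ObjectName": r"\REGISTRY\USER\S-1-5-21-1111-2222-3333-1001\Software"
                            r"\Microsoft\Windows NT\CurrentVersion"
                            r"\Windows Messaging Subsystem\Profiles"}},
]

if __name__ == "__main__":
    for name, idxs in run_signatures(TRACE).items():
        print(f"{name}: calls {idxs}")
```

The benign `NtSetInformationThread` call with a different information class is included deliberately: matching on the API name alone would flag ordinary priority or affinity changes, so the class value is the discriminating field.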

MITRE ATT&CK Enterprise v6

Tasks