General

  • Target: cd7b680c1d33ea53f40d274e809ef217.bin
  • Size: 246KB
  • Sample: 230331-chbjeshf5w
  • MD5: c41c01ed613d67681b0243b49776aeea
  • SHA1: cf7afc0379e074b23deb830f7e18ed15ba41a740
  • SHA256: 67fa2d453117613f6eb3181144633448deed89e0257463e8001edecd7b991b9b
  • SHA512: a100fcb96df632833717950c61d464156803580fe7856e140af6823840624b713c82515dc439d34e83b3c8216ca8b9dc227b63644fe90c18d53ba39c614e57ef
  • SSDEEP: 6144:zeKfoFxao1af1+mAl6samUICCJsOCDfsDbzXpnIvPGD7:Eeo1af1NA+sJATyfXZIvPGP

Malware Config

Targets

    • Target: aa149abdd00dd6344cd661a977468105dfdaba67753df2fbd99fb075f7b7a15d.exe
    • Size: 366KB
    • MD5: cd7b680c1d33ea53f40d274e809ef217
    • SHA1: f27a6398cad0a562b56d2eccdac462b9a780d991
    • SHA256: aa149abdd00dd6344cd661a977468105dfdaba67753df2fbd99fb075f7b7a15d
    • SHA512: 2a178fef2ee96a4d626540d1fa7493d45216c21478626240864716e58de24b5156fa7aa1e78c76af18ed81fd4b2509ebef4abdc6a56f237cc21e0212495f572f
    • SSDEEP: 6144:i9vnyWDSKcczM3mOsFsqlPJEMs+EWryl:i9f5WKRonoRjEWrQ

    • Detect rhadamanthys stealer shellcode
    • Rhadamanthys: Rhadamanthys is an info stealer written in C++, first seen in August 2022.
    • Accesses Microsoft Outlook profiles
    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks