Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
setup.exe
-
Size
337KB
-
Sample
230414-bedc6sgg2z
-
MD5
549b4969e6c19a9da8cc01cc569ebda1
-
SHA1
ce157b8936f936f4b4475c104636a941ac5b80b1
-
SHA256
d5c4f26dc62481afd19c0f66a0955270eb5a1aaec1d49da9aff2e0038656370c
-
SHA512
433851f5d4b84d9c1f1dca2c8d824b8a21c2242344fbaf16e0d124cc854c3499279f8c0ba5e78ee418a0b9c9f929db09e8633ea13fbc5c41c13e810e52eae89a
-
SSDEEP
6144:H8Crle4ePCnBZFALyInuUI1VZmdaXR/fYhppCAr:H8CrlePCnzFAvndvaB/3
Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
-
-
Target
setup.exe
-
Size
337KB
-
MD5
549b4969e6c19a9da8cc01cc569ebda1
-
SHA1
ce157b8936f936f4b4475c104636a941ac5b80b1
-
SHA256
d5c4f26dc62481afd19c0f66a0955270eb5a1aaec1d49da9aff2e0038656370c
-
SHA512
433851f5d4b84d9c1f1dca2c8d824b8a21c2242344fbaf16e0d124cc854c3499279f8c0ba5e78ee418a0b9c9f929db09e8633ea13fbc5c41c13e810e52eae89a
-
SSDEEP
6144:H8Crle4ePCnBZFALyInuUI1VZmdaXR/fYhppCAr:H8CrlePCnzFAvndvaB/3
Score10/10-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Accesses Microsoft Outlook profiles
-