General

Target: Launcher Setup 9.4.0.exe
Size: 80.5MB
Sample: 240217-y9yzpabb28
MD5: 5301c201d43582969608deb750c031d1
SHA1: e0c81f24c1e7dfdbdbe4b6a88f06c16be264dc44
SHA256: 0f2fc74204872d5d29737e90ace73bd23edaa2e5af8211669f2a90a0a4767ae7
SHA512: 6a3781a72503d9475362f95ca798f0e6798e57fc69c17ec0b3b857b199f6cf5fbe4e7a57987b8eefa2aad7a69f39b3212896ff997413012225da772c1f27c86d
SSDEEP: 1572864:92b+n6npC5ZhWkKV0mxFee1STuEWSzPGZq5xGGmG6qcK2V78QrOptItrjYpi:92Sn6npCokE0O1STuEWSCZqfGGdTtQrb

Static task: static1

Behavioral task: behavioral1
Sample: $PLUGINSDIR/app-64.7z
Resource: win10v2004-20231215-en

Malware Config

Targets

Target: $PLUGINSDIR/app-64.7z
Size: 80.0MB
MD5: 3ee37c0a040d01b12c017d5910d9d2a0
SHA1: 4722278c4de0742dcbaf92bbc73a1b0ecb44ab4a
SHA256: 0b749b5d1a9c699ddb5fec5ffd600ba7ca15f410e54bc6bc5f2f834f69a46cb4
SHA512: 6ad9ce42b0f0f0d2740b7899aaf776214f0ead4f649957e457150db38442f9a03d44ad74d7e60c59c4d38de57442cde360d3ce15bb05fee5d9fad87ab59f4ab5
SSDEEP: 1572864:ab+n6npC5ZhWkKV0mxFee1STuEWSzPGZq5xGGmG6qcK2V78QrOptItrjYpT:aSn6npCokE0O1STuEWSCZqfGGdTtQrOR
Score: 10/10

Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.

Suspicious use of NtCreateUserProcessOtherParentProcess

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext