Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

g2m.dll

windows7-x64

1

g2m.dll

windows10-2004-x64

3

install.exe

windows7-x64

1

install.exe

windows10-2004-x64

10

run.bat

windows7-x64

1

run.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rdamy (1).zip

  • Size

    577KB

  • Sample

    240610-wpd3nsvhrj

  • MD5

    77a7361c39bc68feff4eec8c0be71226

  • SHA1

    f3e6d9bb49c646dcfbaf8a97e056da0c06ec9ec5

  • SHA256

    c864ab5ef50b025944037f9ee0feec332ca62a734f7650e6c411617d1b7dc174

  • SHA512

    e86011b3d57096563b5c841fcf2086334bb8aac89042f388b385b1f24c1832de5f18e074b1983e3e3cf7ec39c72e29b7796d448e19ff9eae82455be078b5bc76

  • SSDEEP

    12288:+REEFAAyYO4y4P+6cGTpmO1uWaBO0GF9CqM:OEEtO4y4m6NFduW0OD6

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      g2m.dll

    • Size

      400KB

    • MD5

      9e0c959df25e74c80dfa5adba4eaa5c7

    • SHA1

      9c5a3ed851e32617b1b294bb2c749a60988439d1

    • SHA256

      d1b14d951ccaafc14ab24992678b2fee915838bbc89a32944833268cbba10f68

    • SHA512

      36520d6e61833ce446b4e9f01c065bc08f47e91a3125305c5d0fe27f01f2cc19be59c9b4eacc6f0b8fc74536b718decccc7aa1aac8e9de5e685d1893e10a786a

    • SSDEEP

      6144:Nt262Yh8H++Xz5YRa5bfpLECjVllx76r2xaP23O/d120:HIF+8Rx4CJTx76r2xaYOO

    Score
    3/10
    behavioral1behavioral2

    • Target

      install.exe

    • Size

      39KB

    • MD5

      f1b14f71252de9ac763dbfbfbfc8c2dc

    • SHA1

      dcc2dcb26c1649887f1d5ae557a000b5fe34bb98

    • SHA256

      796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5

    • SHA512

      636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0

    • SSDEEP

      768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral3behavioral4

    • Target

      run.bat

    • Size

      73B

    • MD5

      ed0af6063e22a6abf2073ba2321a9731

    • SHA1

      0142b9f8e7518951113104f13e53c1fa24bd654a

    • SHA256

      c9ee9421067791957a1382ef092232b20ed90ba30feb6bd2d6c16c86307e9e16

    • SHA512

      02c24d1189114ecacc78adcdd7e0e6331ac8c349e70b382ed964d2d57c9456e7891092cc5bf224a126522073b0164eec1eba3e5e16eff3c81254aba1d1ca9b88

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks