General
Target: file.zip
Size: 25KB
Sample: 240612-qed22awcnh
MD5: 93a6f47d15850557072286bd50b3c00d
SHA1: 2b428e32a101a947a342387c5c8afad041f3cff0
SHA256: e5abe1f82fd818618657b5edec67c172ce04013f7377628112757a4dceddd172
SHA512: 64ece77d9925dba2014091007b99d1722ea9b2c8c6333bea5e799ae1b958a0b7ef2e60c1457dc6a102d2faa7b897a025d5c2ddb9da362b36b5824a68552cda47
SSDEEP: 192:bbqnHZZTuTYiQ5NVbh5/VgLuB1yyqbVAHsDXK3V4+TpP6QuoATDYJkrC7xbMzIwM:kbPnHsD2P6Xr2kbos5xO8RQrk6
Static task: static1
Behavioral task: behavioral1
Sample: file.js
Resource: win11-20240611-en
Malware Config
Extracted
https://opensun.monster/25053.bs64
Targets
Target: file.zip
Score: 10/10

Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.

Suspicious use of NtCreateUserProcessOtherParentProcess

Blocklisted process makes network request

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Legitimate hosting services abused for malware hosting/C2

Suspicious use of SetThreadContext