General
Target: hoge.bin
Size: 621KB
Sample: 240614-jgjlzathlp
MD5: be87ad5596852c9930270778e9eced54
SHA1: 34a1842d2fd4dbcdc27b892d18ad920ac9d03826
SHA256: 38c17f2c490cee233f17e6484a1f3c25f3bff8d99ea0d6010f720b848d6a223e
SHA512: a16e49beb95f461ff5d4af63017bdcd9844800e8037d43942e28e0a3dfa71ceb0808e5020f955380902fdb4c9887ed6e092cfce9a9cf24f6be2e3e9586dbef04
SSDEEP: 12288:zE50GSHrG6W42JcycysY0V3D9wCV+2nXGwnUP345WRgG3OkGGs/Lwmm:o+GSHrG6W42JcychY0FD9wCVBHw3yeJF
Static task: static1
Behavioral task: behavioral1 (Sample: hoge.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: hoge.exe, Resource: win10v2004-20240226-en)
Malware Config
Targets
Score: 10/10

Detects DLL dropped by Raspberry Robin.
Raspberry Robin.

Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.

Suspicious use of NtCreateUserProcessOtherParentProcess

Deletes itself