General
Target: bootstrap.zip
Size: 2.3MB
Sample: 250210-s3qrvawmcp
MD5: 7ea5c504256572666654c6f12f100e87
SHA1: 428f7953eb3d96ccfe3fd55893def7d97f550e6c
SHA256: 498a264e7f2a6449c7886e1d7edffaff47dd3efbec822b093e501329734833ee
SHA512: 6b568da61ee2b3689cf8df371e25f531b3bdb98110da0edf782099c5fc61d98c501165defa35131cc0cf8faf641abedf4eff3259230c01dbcd375d80ca24d05d
SSDEEP: 49152:6yrXFFEbgA9jzBHwwQq0WDx3h1HNqXYls+FUdJ0zEQK2:/Fap3H1QArt+Yls+FUdCQL2
Static task: static1
Behavioral task: behavioral1
Sample: bootstrap.zip
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: bootstrap.zip
Resource: win10v2004-20250207-en
Malware Config
Targets
Target: bootstrap.zip
Score: 10/10
Detects Rhadamanthys payload
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Rhadamanthys family
Enumerates VirtualBox registry keys
Looks for VirtualBox Guest Additions in registry
Downloads MZ/PE file
Looks for VMWare services registry key.
Uses the VBS compiler for execution