General

  • Target

    Release_1807.zip

  • Size

    208.7MB

  • Sample

    250310-nhx8zaszas

  • MD5

    053c0bfffec3819bd2c991d6b587f35b

  • SHA1

    92a97eac00a00dffe7af2d8fce10a35a548d886c

  • SHA256

    35ff7ac5964c28252fa1f62e44c1757025b12ac5e1ff4f378dd3c825afde0f4b

  • SHA512

    5f67cd261530bf5c98d7e3245d791512add475f75a5978352047226945982755a881f047d3cc16667996724cbae35a2526638b1e065907a892956e0ce32338f9

  • SSDEEP

    6291456:M0ADO0Gy/F268IhPHSj0bQXZOULCjSkEqgxmE/3H:FAD7668UfSobLULLxqgxr

Targets

    • Target

      Release_1807/Expediente de pruebas de infracción de propiedad intelectual.exe

    • Size

      6.1MB

    • MD5

      4864a55cff27f686023456a22371e790

    • SHA1

      6ed30c0371fe167d38411bfa6d720fcdcacc4f4c

    • SHA256

      08c7fb6067acc8ac207d28ab616c9ea5bc0d394956455d6a3eecb73f8010f7a2

    • SHA512

      4bd3a16435cca6ce7a7aa829eb967619a8b7c02598474e634442cffc55935870d54d844a04496bf9c7e8c29c40fae59ac6eb39c8550c091d06a28211491d0bfb

    • SSDEEP

      98304:VZQIM+/nv/CDoAkYwpAa5ge1zZ/jtdZwUkQ:bJCKlA2VKUz

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Rhadamanthys family

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Adds Run key to start application

    • Target

      Release_1807/Expediente de pruebas de infracción de propiedad intelectual.jpg

    • Size

      186.0MB

    • MD5

      f0d5d35fd26c65e42f4af8b610e2a051

    • SHA1

      c62969ec1dff803b9a76b50ae8565fbaa6713508

    • SHA256

      0b8533914e417a5c0ce2b58affa1a1923c0426d3ab2aa6cbf16a344d1172e7bd

    • SHA512

      762ed2a403395d3fed28f6e26599c70e7295a79c7cd92ec06650ffcf4f71f43034fe26f68ebda48459d1c00722438e4d015fb51974e5f3e878cb3cd23623ccdb

    • SSDEEP

      3145728:lP5we+ubm/Z/QpQWQPkIhmuMm9ul4u395zv0pm7+GEovGtmmIYuOJI3vzvIosQ:lP2etm/ZNkI0PmAl4uN7i4mmm2OJEjIm

    Score
    1/10
    • Target

      Release_1807/msimg32.dll

    • Size

      57.6MB

    • MD5

      51182931113f78fa2c522d912c67b3fc

    • SHA1

      c63d3729a6a48b3068d16d706b67cfbf8f58ba3b

    • SHA256

      5fd238201d52f3f914eaab4b42d64080ef44431f34e0fad16806b6bc8a4f714e

    • SHA512

      fab744594e9ca536111e74dafef39192cbc13c4b5b0da7595f66cd37bd978cae64cab45d943fecca914b63af930b12cc26f2e953e48f0561e7d61bd6be7ba110

    • SSDEEP

      1572864:vQlp/dbyylHHB5eZZIDPOtUK03jXeZp86wOmpAW6fuFgZGhEV6lD5k1n0u7Saghy:ofFnbPOuK03jXeZp86wOmpUfuFAG8V0w

    Score
    3/10
