Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

2025-03-12...ia.exe

windows7-x64

3

2025-03-12...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-12_5b7cf52155754788f5277ef7745306ec_mafia

  • Size

    6.6MB

  • Sample

    250312-jg3d3stvew

  • MD5

    5b7cf52155754788f5277ef7745306ec

  • SHA1

    57429d324340031d73f92824cfeb4a5bd2307348

  • SHA256

    d76b1a7ffd0c9b3d86de88fd6bc34831d712cb4c143cde6d0e8221382dd4db94

  • SHA512

    c0bf42f1e0be7d587d7f3d8fcc9367df2d7de98281e889b3a0c3af029cf590cb04a879b116c6e957caf2bc5b3e39a5513b5720e7a82011d3428b09eafe32917e

  • SSDEEP

    49152:Eer5tvO2nzs4h9TsYaK9YxtP9PBZiqRouij6sBR4u8nn:X/vO2nQkaYMz5ZitP60R4u8n

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      2025-03-12_5b7cf52155754788f5277ef7745306ec_mafia

    • Size

      6.6MB

    • MD5

      5b7cf52155754788f5277ef7745306ec

    • SHA1

      57429d324340031d73f92824cfeb4a5bd2307348

    • SHA256

      d76b1a7ffd0c9b3d86de88fd6bc34831d712cb4c143cde6d0e8221382dd4db94

    • SHA512

      c0bf42f1e0be7d587d7f3d8fcc9367df2d7de98281e889b3a0c3af029cf590cb04a879b116c6e957caf2bc5b3e39a5513b5720e7a82011d3428b09eafe32917e

    • SSDEEP

      49152:Eer5tvO2nzs4h9TsYaK9YxtP9PBZiqRouij6sBR4u8nn:X/vO2nQkaYMz5ZitP60R4u8n

    Score
    10/10
    discoveryrhadamanthysstealer

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks