Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

quanto.exe.bin.exe

windows7-x64

10

quanto.exe.bin.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    quanto.exe.bin.exe

  • Size

    4.6MB

  • Sample

    250324-xj94laxpx9

  • MD5

    8903a3a26cd448747ae51dc64e359211

  • SHA1

    198b3ea699183d292e95748300acc176773f6834

  • SHA256

    92f15aca3c8a18dc413b61ae62fa88f601c1a3d7d5d682c1384c0229396da603

  • SHA512

    4cbaa5e0c267f39baa8f9e07d6c13563ce25b7c4f8ef474388588bf9868d56713ebc663eaecfdb134aadc6d2e8e3802dff10c3ba5f86f335b42d813ff066bc5b

  • SSDEEP

    98304:MKaAh0jTZCMVjTec6LVdMi8SJblSEbWAj3FUn3v8n9VuIf9u3:/laRCMVa7dP82lSuzBkq/uIU3

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      quanto.exe.bin.exe

    • Size

      4.6MB

    • MD5

      8903a3a26cd448747ae51dc64e359211

    • SHA1

      198b3ea699183d292e95748300acc176773f6834

    • SHA256

      92f15aca3c8a18dc413b61ae62fa88f601c1a3d7d5d682c1384c0229396da603

    • SHA512

      4cbaa5e0c267f39baa8f9e07d6c13563ce25b7c4f8ef474388588bf9868d56713ebc663eaecfdb134aadc6d2e8e3802dff10c3ba5f86f335b42d813ff066bc5b

    • SSDEEP

      98304:MKaAh0jTZCMVjTec6LVdMi8SJblSEbWAj3FUn3v8n9VuIf9u3:/laRCMVa7dP82lSuzBkq/uIU3

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks