General
Target
OBS-project.zip
Size
17.4MB
Sample
230116-l37l2add53
MD5
7b1c74e08d42757792cb935800da1e75
SHA1
b5902737cff8946ebc43771a47eca5237b2c6cdc
SHA256
4daaba19d412cdf3838a0c373cdc9b7cfc26423723307482e4b0f946909c726e
SHA512
821978f8ae4f5397813adde7a52f8e9a1791e78b7d33a6825e4e6576ae3d0ffd3fdfac8f05bfbc0d0c84813991097e7c2a15f98c7e4b8eee19696466440eac4b
SSDEEP
393216:xsCdwI+MshEZaynVkpk/7Q8BpuiiJKhMFUV28tP33+NM4:AASICshMFE28tvuNM4
Static task
static1
Behavioral task
behavioral1
Sample
OBS/OBS.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
OBS/OBS.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
OBS/OBS.exe
Size
726.7MB
MD5
1f0664bc6de1cb394c6fdcb4e8792d26
SHA1
734a5f8223ac62bd6ae12e881d5841791b1b7071
SHA256
0afc18a6890970fa87b32ea90270db1f723190bba3a4fb24957a901cbacc7de2
SHA512
e84ac11ad875d3cf9f853c535697818dba4ec666dbcc66cb2350379d0df091598b7ed5d2b1d59f4379d53b1e5c558d85e5c194b766b6b0b472803a0c7fa68b5d
SSDEEP
196608:ech1JnwRSDaTvKuXwk2SA9lE6PI/GR8x1MA8Ran:dJOBKZk2S0P6hvMXan
Score 10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtSetInformationThreadHideFromDebugger