lgoogloader | 9ba9a2feb73a5cf966c84486493cd6794723538f57e9100d7e5f3bf83c148ba4 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

9ba9a2feb73a5cf966c84486493cd6794723538f57e9100d7e5f3bf83c148ba4
Size

1.7MB
Sample

230119-chx3eshd6w
MD5

3d631a7559e59537a57e9fbef5dc9d8c
SHA1

6f6bbfab293562ac339e2f2134c76e6aa99be5fb
SHA256

9ba9a2feb73a5cf966c84486493cd6794723538f57e9100d7e5f3bf83c148ba4
SHA512

425e65bdac791e92ee0d375da3047fe0dfc73950728b5c68df64991970cbde940896c388947585f6201cc1a5e769773d9290ff443c202e32ee55a603f87ee0e9
SSDEEP

49152:tQGiOdmVLsuiPTEVGdiNoVBe9ihFL3LvBH8:tQGiHQTldiNo09CzLvBc

Score

10^/10

lgoogloader rhadamanthys downloader stealer

Static task

static1

Behavioral task

behavioral1

Sample

9ba9a2feb73a5cf966c84486493cd6794723538f57e9100d7e5f3bf83c148ba4.exe

Resource

win10v2004-20221111-en

lgoogloader rhadamanthys downloader stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  9ba9a2feb73a5cf966c84486493cd6794723538f57e9100d7e5f3bf83c148ba4
- Size
  
  1.7MB
- MD5
  
  3d631a7559e59537a57e9fbef5dc9d8c
- SHA1
  
  6f6bbfab293562ac339e2f2134c76e6aa99be5fb
- SHA256
  
  9ba9a2feb73a5cf966c84486493cd6794723538f57e9100d7e5f3bf83c148ba4
- SHA512
  
  425e65bdac791e92ee0d375da3047fe0dfc73950728b5c68df64991970cbde940896c388947585f6201cc1a5e769773d9290ff443c202e32ee55a603f87ee0e9
- SSDEEP
  
  49152:tQGiOdmVLsuiPTEVGdiNoVBe9ihFL3LvBH8:tQGiHQTldiNo09CzLvBc
Score

10^/10

lgoogloader rhadamanthys downloader stealer
- Detect rhadamanthys stealer shellcode
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lgoogloaderrhadamanthysdownloaderstealer

© 2018-2024

Terms | Privacy