Resubmissions
25-01-2023 08:21
230125-j81dsshb4s 10
Analysis
- max time kernel: 28s
- max time network: 33s
- platform: windows7_x64
- resource: win7-20221111-en
- resource tags: arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system
- submitted: 25-01-2023 08:21
Static task
static1
Behavioral task
behavioral1
Sample
0661211795-LEXWARE.rar
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Rechnung Haufe Service Center.scr
Resource
win7-20221111-en
General
-
Target
Rechnung Haufe Service Center.scr
-
Size
667.0MB
-
MD5
b12f1d4a95592748e1fb41451521b9fa
-
SHA1
872d4d0b94e151b0c3ceaf252084665ce9517c2b
-
SHA256
a268bee824e768a5d5fd978884900db7a0e6a863e31abe7eeeb9be73ce41ce83
-
SHA512
1d2b606f076fbb53be8ab52f0b20bcc2112423d1aa0b2e209a3042702fab17688ae4e010f802c1820b9d29499ca55e93cc7df5c910503193a78c6c9814798570
-
SSDEEP
12288:yOnYaVxRJPdExPNLChjqBc9HfXn9idg35HTl:1bRJPdExPNGmc9HfXc85Z
Malware Config
Signatures
-
Detect rhadamanthys stealer shellcode 1 IoCs
Processes:
resource: behavioral2/memory/2024-57-0x0000000000080000-0x000000000009D000-memory.dmp
yara_rule: family_rhadamanthys
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2024-54-0x00000000760C1000-0x00000000760C3000-memory.dmp
Filesize
8KB
-
memory/2024-55-0x0000000000400000-0x0000000000433000-memory.dmp
Filesize
204KB
-
memory/2024-56-0x0000000000400000-0x0000000000433000-memory.dmp
Filesize
204KB
-
memory/2024-57-0x0000000000080000-0x000000000009D000-memory.dmp
Filesize
116KB