Resubmissions
25-01-2023 08:21
230125-j81dsshb4s 10Analysis
-
max time kernel
28s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
25-01-2023 08:21
General
-
Target
Rechnung Haufe Service Center.scr
-
Size
667.0MB
-
MD5
b12f1d4a95592748e1fb41451521b9fa
-
SHA1
872d4d0b94e151b0c3ceaf252084665ce9517c2b
-
SHA256
a268bee824e768a5d5fd978884900db7a0e6a863e31abe7eeeb9be73ce41ce83
-
SHA512
1d2b606f076fbb53be8ab52f0b20bcc2112423d1aa0b2e209a3042702fab17688ae4e010f802c1820b9d29499ca55e93cc7df5c910503193a78c6c9814798570
-
SSDEEP
12288:yOnYaVxRJPdExPNLChjqBc9HfXn9idg35HTl:1bRJPdExPNGmc9HfXc85Z
Score
10/10
Malware Config
Signatures
-
Detect rhadamanthys stealer shellcode 1 IoCs
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Processes
-
C:\Users\Admin\AppData\Local\Temp\Rechnung Haufe Service Center.scr"C:\Users\Admin\AppData\Local\Temp\Rechnung Haufe Service Center.scr" /S1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2024-54-0x00000000760C1000-0x00000000760C3000-memory.dmpFilesize
8KB
-
memory/2024-55-0x0000000000400000-0x0000000000433000-memory.dmpFilesize
204KB
-
memory/2024-56-0x0000000000400000-0x0000000000433000-memory.dmpFilesize
204KB
-
memory/2024-57-0x0000000000080000-0x000000000009D000-memory.dmpFilesize
116KB