General
-
Target
57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a
-
Size
343KB
-
Sample
230206-w2ql8sfc59
-
MD5
758a785ce8155a417d1cd33234d1062d
-
SHA1
6b6773fbc2b0fcd149d2ba7a17a6e0aa8ee407af
-
SHA256
57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a
-
SHA512
11b745bc22f6684d3bbc44a7072977f3ee45440260562aeb115883b72c84875f9ab7cdff33645a6931297c77b4e54e171f33e836874ed6097af7fd5b45be467d
-
SSDEEP
6144:C3XsdLOhkHuVmnk/JZcvQG/izPqyO2QwrBVuQj9Cv/ia:CsdCX5/TdG/izPFO2PrvljwS
Static task
static1
Behavioral task
behavioral1
Sample
57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Score
10/10
-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-