Overview

overview

10

Static

static

1

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e9ee69fd11ffdc0a62ba708cd3e8404be6c81b54c37c3b57447380d25b81dfc

  • Size

    366KB

  • Sample

    230209-cs56safc7v

  • MD5

    ad4daa125809e88d998ea41f419b0f88

  • SHA1

    0f2b57108619ec48a1e8a3438a9d9d38c7ca50a7

  • SHA256

    8e9ee69fd11ffdc0a62ba708cd3e8404be6c81b54c37c3b57447380d25b81dfc

  • SHA512

    e32de3dc5eeb5dbcd3f32df96c8ce572a6c7a79e26c2b8dc61fb1c76797f4f98bf7fea21e78823446ef599060a64212b12877b0c486611715be73152bcb73d4c

  • SSDEEP

    6144:HMHkoAp3TEsX84Kz62NOUJQjHQkeQGSkv:HMEoMQufQkei

Score
10/10
rhadamanthyscollectiondiscoveryspywarestealer

Malware Config

Targets

    • Target

      8e9ee69fd11ffdc0a62ba708cd3e8404be6c81b54c37c3b57447380d25b81dfc

    • Size

      366KB

    • MD5

      ad4daa125809e88d998ea41f419b0f88

    • SHA1

      0f2b57108619ec48a1e8a3438a9d9d38c7ca50a7

    • SHA256

      8e9ee69fd11ffdc0a62ba708cd3e8404be6c81b54c37c3b57447380d25b81dfc

    • SHA512

      e32de3dc5eeb5dbcd3f32df96c8ce572a6c7a79e26c2b8dc61fb1c76797f4f98bf7fea21e78823446ef599060a64212b12877b0c486611715be73152bcb73d4c

    • SSDEEP

      6144:HMHkoAp3TEsX84Kz62NOUJQjHQkeQGSkv:HMEoMQufQkei

    Score
    10/10
    rhadamanthyscollectiondiscoveryspywarestealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks