General

  • Target

    tmp

  • Size

    320KB

  • Sample

    230213-n9aa8ada64

  • MD5

    7a9b6eb60536124b2f91400c444c55f5

  • SHA1

    7c67fc722d6c12f9349b4119c2a960d3b590c0da

  • SHA256

    a9b130790783e321b1817977af11af8117662e77a246e3902479f39cba863249

  • SHA512

    c9be0f1546f7702648135992e186e744cf542e218ac51c49c051ed6fe6cb7af76d121a74e5194c797d9a5e107c6653b9caf8fffcc6f73e88df6f9cb0ffe1f38b

  • SSDEEP

    6144:PGzt0gWK+yGvYIynRkaHvLDe5rfSXRVFL9tCcC+p1j6FxDQPw32B8f:PgcYPn7TDsgFRtZ2d0w

Score
10/10

Malware Config

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
