General

  • Target

    7cbf389b3d3d7d0ac4fb9d1652c9b427.exe

  • Size

    1.3MB

  • Sample

    230223-kpbf1aha8z

  • MD5

    7cbf389b3d3d7d0ac4fb9d1652c9b427

  • SHA1

    f8db12a3fd8fc5d02c7e56bc727d5411702852c6

  • SHA256

    938deb1fb95c5990b581fd5b988f8d5a980d0f4a117cc6957012602f0196987d

  • SHA512

    739c6ba8901708204a913f55a4d636c933ac9ef73af166d331f8db77f2b1b53430cd19b4f3a85cc2718d64b37ceb4bde14f5e31144749ef45b918ae22d22063d

  • SSDEEP

    24576:IuTS4zbdAINM/2OLEJMVrxe+jRhWI7azyoQTz/fBU2Qt7XJjvo:/zBAmM/TAJM9vjvWp7QTr5U2+Vjvo

Malware Config

Extracted

Family

systembc

C2

210.16.67.250:3000

192.168.1.28:3000

Note that 192.168.1.28 is an RFC 1918 private address: it is not reachable from the internet and is not a usable perimeter block indicator. Of the two extracted entries only 210.16.67.250:3000 is an actionable external C2.
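Checking that a file on disk really is the sample this report describes, and deciding which of the two extracted C2 entries is worth blocking, as an added Python example (this is not part of the sandbox report or of any SystemBC tooling). It uses only the standard library; the REPORT_HASHES and REPORT_C2 constants are copied from the report above, every function name and the chunk size are the example's own choices. SSDEEP comparison is left out because it needs the third-party ssdeep module.

```python
import hashlib
import ipaddress
import sys

# Indicators copied from the sandbox report above.
REPORT_HASHES = {
    "md5": "7cbf389b3d3d7d0ac4fb9d1652c9b427",
    "sha1": "f8db12a3fd8fc5d02c7e56bc727d5411702852c6",
    "sha256": "938deb1fb95c5990b581fd5b988f8d5a980d0f4a117cc6957012602f0196987d",
    "sha512": "739c6ba8901708204a913f55a4d636c933ac9ef73af166d331f8db77f2b1b53430cd19b4f3a85cc2718d64b37ceb4bde14f5e31144749ef45b918ae22d22063d",
}
REPORT_C2 = ["210.16.67.250:3000", "192.168.1.28:3000"]

CHUNK = 1 << 20  # 1 MiB read size (assumption); streaming keeps this usable on large samples


def compute_digests(data: bytes) -> dict:
    """Hex digests of an in-memory buffer for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str) -> dict:
    """Same digests for a file on disk, computed in one streamed pass."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm True/False; case-insensitive because threat feeds differ in hex case."""
    return {name: digests.get(name, "").lower() == value.lower()
            for name, value in expected.items()}


def classify_c2(entry: str) -> dict:
    """Split a host:port C2 entry and decide whether the host is publicly routable.

    An RFC 1918 address such as 192.168.1.28 cannot be the real internet-facing
    C2, so it must not be pushed to perimeter blocklists. A hostname is kept as
    a DNS indicator even if it does not resolve at analysis time.
    """
    host, sep, port = entry.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 entry: {entry!r}")
    try:
        ip = ipaddress.ip_address(host)
        kind, routable = "ip", ip.is_global
    except ValueError:
        kind, routable = "hostname", True
    return {"host": host, "port": int(port), "kind": kind, "routable": routable}


def actionable_c2(entries):
    """Split a C2 list into (blockable, not-blockable) entries."""
    keep, drop = [], []
    for entry in entries:
        (keep if classify_c2(entry)["routable"] else drop).append(entry)
    return keep, drop


if __name__ == "__main__":
    # Usage: python check_sample.py <path-to-sample>
    digests = hash_file(sys.argv[1])
    for name, ok in matches_report(digests).items():
        print(f"{name:6} {'MATCH' if ok else 'DIFFERS'} {digests[name]}")
    keep, drop = actionable_c2(REPORT_C2)
    print("block:", keep)
    print("ignore (non-routable):", drop)
```

Run it against the file you were handed; a full set of MATCH lines confirms you are looking at this exact sample and not a repacked variant, which the SSDEEP value in the report is better suited to catch. The C2 split prints the public address for blocking and sets the private one aside, which is the same conclusion a reviewer reaches by hand from the extracted config.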

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++ and first seen in August 2022.

    • SystemBC

      SystemBC is a SOCKS5 proxy and remote administration tool first seen in 2019. Although signatures for both families fired on this sample, the only configuration the sandbox extracted is SystemBC's (see Malware Config above).
