Overview

overview

10

Static

static

1

dfa939a016...d4.exe

windows7-x64

10

dfa939a016...d4.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    dfa939a016791299b2a7c8572b220c56fc3b2fb2d72bc1a48b043e48a0fd17d4

  • Size

    199KB

  • Sample

    230313-jmvw7abb7x

  • MD5

    d9883d01907af5ab7971fe98fc84edca

  • SHA1

    dfad505969ef4bef3b680ac47af39d5dfa3be971

  • SHA256

    0e94e2b7fa91cb51791d7190de86d464c5ecd3a2816582c96fb563b476cc7e75

  • SHA512

    8bb7c64d0ff6fb0aa20f43a7a82e2f2ef73faa8b750120a0ab89853cb29e05a676958e533312ecb937badc5cd801e571971b3d58c4507c8ef3ab2826eefc224e

  • SSDEEP

    6144:dlnL+BTk/FmJZE7nmecxf3jtalCAJPNeYpHztse5O:0yFmjEKemf3qXJPdztseY

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      dfa939a016791299b2a7c8572b220c56fc3b2fb2d72bc1a48b043e48a0fd17d4

    • Size

      260KB

    • MD5

      6e969d94d94255ee5fcec7d25d37d628

    • SHA1

      dff9177b66cc0b85574b1efa9cd6f3e51dce5f14

    • SHA256

      dfa939a016791299b2a7c8572b220c56fc3b2fb2d72bc1a48b043e48a0fd17d4

    • SHA512

      a4791dc27edb7a4ed769ed7f082b8e85cc4e4a66bbeedc13a9f31f650acc3a72a9a95ca5187fed8aa4559bc82d214aa9be2906e2048b0165617d5c0a2386939f

    • SSDEEP

      6144:mg1iSGJZE7nkecxf3jHalCAJtNeYpHzuYCP:ziSgEwemf3sXJtdzuYCP

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks