Overview

overview

10

Static

static

1

efbf74e9aa...65.exe

windows7-x64

10

efbf74e9aa...65.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    efbf74e9aa9de8f98d05950d54dc3c65.exe

  • Size

    363KB

  • Sample

    230316-tls2baea2y

  • MD5

    efbf74e9aa9de8f98d05950d54dc3c65

  • SHA1

    3095e3dbdc19a726a0b59ea88d2599422013c101

  • SHA256

    233a2666a23ab1bae19296ee7f66ce3cdf6284db1ca4caaeb121530126419b42

  • SHA512

    ed346718e25f347d0640143a71d8bd75c2f517c9f194cdaa486bcdd378cede216af7e86ecaa3f6d582ae76b709a3e5580c7c84f017f179ba65eca6701547b87a

  • SSDEEP

    6144:eYIYLXZIQZIbYf3yzlv+tjvRfPWUjwwlJRH8AtvO:eMjZvIbY/6lij5fRF

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      efbf74e9aa9de8f98d05950d54dc3c65.exe

    • Size

      363KB

    • MD5

      efbf74e9aa9de8f98d05950d54dc3c65

    • SHA1

      3095e3dbdc19a726a0b59ea88d2599422013c101

    • SHA256

      233a2666a23ab1bae19296ee7f66ce3cdf6284db1ca4caaeb121530126419b42

    • SHA512

      ed346718e25f347d0640143a71d8bd75c2f517c9f194cdaa486bcdd378cede216af7e86ecaa3f6d582ae76b709a3e5580c7c84f017f179ba65eca6701547b87a

    • SSDEEP

      6144:eYIYLXZIQZIbYf3yzlv+tjvRfPWUjwwlJRH8AtvO:eMjZvIbY/6lij5fRF

    Score
    10/10
    rhadamanthysstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks