General

  • Target: 4ce1907bedf5f7b62e6b8b637c4d7c1b.bin
  • Size: 230KB
  • Sample: 230319-wc362ahd68
  • MD5: 1314da7c650bbf2e84662ae04b600e67
  • SHA1: 4d3bedc405c5a49fc3f9e8d2f8e032321825cb54
  • SHA256: d6e9321a6586c3d9ea79b32aeea711d220b9519764f51d9a5532f3ac1a5aa0b9
  • SHA512: 1380185a151342f8867b209bbfee2a94bc71eb516847bf692c0c999598c8576efce77844d0d95f33ef62121c6f34acdc39e67d103539e8e16d6762e0bb295de5
  • SSDEEP: 6144:XWTZFFu1NEvYm/GB7wLGVujsCb0t3ct7TMsNuVTJQjZwr:XQF4HEwX5huVKVTeur

Score
10/10

Malware Config

Targets

    • Target: a2ee2e380c444d62824c944a9ed1a7d12e4b49d3d571d639eceb87680a259139.exe
    • Size: 358KB
    • MD5: 4ce1907bedf5f7b62e6b8b637c4d7c1b
    • SHA1: 7b1c5ad0b74d0fa927243aaaf431e1c74d0c8ec5
    • SHA256: a2ee2e380c444d62824c944a9ed1a7d12e4b49d3d571d639eceb87680a259139
    • SHA512: 80c0b3636eda571bee3a9e9cb9ac2f4d022e1a9390a0ba0721efe90d9c26f26d444ac6a7d6662a1ca0fe620e4d687ffc50f033946ab362ba3d3f78f4aea1d6c8
    • SSDEEP: 6144:qOJ5LERQl9pevRuqjevBnJj5R+u53VgxvLpZu:BJ5MQ3pXrvVJTvsfu

    Score
    10/10

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks