Overview

overview

10

Static

static

1

d72a22df76...98.exe

windows7-x64

10

d72a22df76...98.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    89643422ab297e5762ff7b7a26048682.bin

  • Size

    239KB

  • Sample

    230327-ca22eadb3v

  • MD5

    632418a82e6499bd94f2bb2269851bdc

  • SHA1

    2e571e94022e6e7bceee8e4d38d9e0e679fc716d

  • SHA256

    01192090ddab853e6235d3a978d820490112dec14929a7a25897a9c07c4a2d1e

  • SHA512

    746e5e7cbaee184b2e0cb55c8bd2614acbe89d9396224eaa51cc20c4fb868af415de12f1489425d7b2f2425f0a0f772bc42cd54651977429bb0a91a613aa2330

  • SSDEEP

    6144:bv0LyTcCcC0ePfIRFmx0IGGYtlhebZSquh2dTqHtSWsN:baOPfMmx0FGYKZSRh08sN

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      d72a22df76c3ecfdcd97809e7479950f5f65c86e308548460446407de21ba998.exe

    • Size

      349KB

    • MD5

      89643422ab297e5762ff7b7a26048682

    • SHA1

      ae0e5e4828baf2acd14d9a696d61d85bd7ff4a99

    • SHA256

      d72a22df76c3ecfdcd97809e7479950f5f65c86e308548460446407de21ba998

    • SHA512

      e05c31a46c9c02aaec0be2a7c7c0a46c9df1147e7de7a90cc197e9a384238a8fba4f4a63ee096dea590435821409124f4928d03106506f1bcd29178f0483d824

    • SSDEEP

      6144:kSe5G+irRMscWqdP5PGP5fFRwT+Ri/cBUva:Xe5G+qRMxWEMRHwn/cBv

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks