Overview

overview

10

Static

static

1

6d61592947...f9.exe

windows7-x64

10

6d61592947...f9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7b9742c442c28ca29907a0ffcaca47fa.bin

  • Size

    219KB

  • Sample

    230328-b7htcsgd26

  • MD5

    f0b3e6617a8310beee1811169266c902

  • SHA1

    1e9fa470b5753c8da9fe535337460fd0e584746d

  • SHA256

    bf3ecb3f8f771f6fc5f04c6a30aa6e92686a920e77680516f1e64fc26d74aa38

  • SHA512

    edfc0d3a02b9633b8a7459fc5613805c71562a11afde6bec7dae7f76f9a16cac82f84b07c0bb2e6cb27e7e450ff38279dcab57e5873c34b09eed4cab97cb9c6b

  • SSDEEP

    6144:Dtgqv3trmYNi90n2YyXJh2CJubDWgGgWTRm0:D6C3hQ9S2Yy5tJuBGgWTF

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      6d615929475897b42f7bbc9ae8a5fdc591a15a08ab4696dbabb3ff912fb5cbf9.exe

    • Size

      302KB

    • MD5

      7b9742c442c28ca29907a0ffcaca47fa

    • SHA1

      d59023f60d89c785da29165a5df7d8b80f790d87

    • SHA256

      6d615929475897b42f7bbc9ae8a5fdc591a15a08ab4696dbabb3ff912fb5cbf9

    • SHA512

      e4810b23a677b9eac6946ce33f1d30e6ce7be826889791fc94667fa123416279a5dfb50fbf54f6b22e8e971e3a121d42219ceadac6a2313c507763d0c921453d

    • SSDEEP

      6144:/DB9/8sAqMQ107vvjmokAxGnHZIkIx1P7:bB9/8JE1OvCixGnm

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks