General
-
Target
451025f181c0dfbe3edf5ab25b1c294b0c118a48ed8a8c4d3c82fe8c44a36b27
-
Size
599KB
-
Sample
230328-geffesah9s
-
MD5
bb850d24540d70fb44c336117f4316bc
-
SHA1
a5a0a69aa877c1ac080e1f448900c5081cc841b0
-
SHA256
451025f181c0dfbe3edf5ab25b1c294b0c118a48ed8a8c4d3c82fe8c44a36b27
-
SHA512
e7ed75377cdb7b53bd17e0c897a5f0c07be87ad0f2cbd93115373da7cc23bcca6e551ba8ddee6f6712c0c7d1265eae8c78bf5eade93f37c677c65ab7941c3f5e
-
SSDEEP
12288:ObaJP4n44RUuN7X+XWDsolXnBmi725YP8whi6kVQw8L1:pP4DRU0X+XWDsolTdkwhi6kVQw85
Static task
static1
Behavioral task
behavioral1
Sample
451025f181c0dfbe3edf5ab25b1c294b0c118a48ed8a8c4d3c82fe8c44a36b27.exe
Resource
win10-20230220-en
Malware Config
Targets
-
-
Target
451025f181c0dfbe3edf5ab25b1c294b0c118a48ed8a8c4d3c82fe8c44a36b27
-
Size
599KB
-
MD5
bb850d24540d70fb44c336117f4316bc
-
SHA1
a5a0a69aa877c1ac080e1f448900c5081cc841b0
-
SHA256
451025f181c0dfbe3edf5ab25b1c294b0c118a48ed8a8c4d3c82fe8c44a36b27
-
SHA512
e7ed75377cdb7b53bd17e0c897a5f0c07be87ad0f2cbd93115373da7cc23bcca6e551ba8ddee6f6712c0c7d1265eae8c78bf5eade93f37c677c65ab7941c3f5e
-
SSDEEP
12288:ObaJP4n44RUuN7X+XWDsolXnBmi725YP8whi6kVQw8L1:pP4DRU0X+XWDsolTdkwhi6kVQw85
Score10/10-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Executes dropped EXE
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-