Overview

overview

10

Static

static

1

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d0301116085ae88725e5d983cb940e4fb8d1b722601f548df9cff867b142481e

  • Size

    342KB

  • Sample

    230328-lm8t6abh7t

  • MD5

    316da22b3c3f052d43fed1c4c807549f

  • SHA1

    f27e3c9ee3b01c1ed4ab8accd3e658483f976528

  • SHA256

    d0301116085ae88725e5d983cb940e4fb8d1b722601f548df9cff867b142481e

  • SHA512

    a012bb9f4fd5671f1c109ddc588efa735fb3c45dcdd26e81b5a21bc27e5e760bbae4a0b9f0a05999063cfc46e7acbc8a8cddfe926f665afe9636c5ffd4463983

  • SSDEEP

    6144:fgMO+oEfGmxLkU+gqLM0Icly9/mRqvsHPAaMTl:fgMO+ooGmJF+9M5ImX0FMJ

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      d0301116085ae88725e5d983cb940e4fb8d1b722601f548df9cff867b142481e

    • Size

      342KB

    • MD5

      316da22b3c3f052d43fed1c4c807549f

    • SHA1

      f27e3c9ee3b01c1ed4ab8accd3e658483f976528

    • SHA256

      d0301116085ae88725e5d983cb940e4fb8d1b722601f548df9cff867b142481e

    • SHA512

      a012bb9f4fd5671f1c109ddc588efa735fb3c45dcdd26e81b5a21bc27e5e760bbae4a0b9f0a05999063cfc46e7acbc8a8cddfe926f665afe9636c5ffd4463983

    • SSDEEP

      6144:fgMO+oEfGmxLkU+gqLM0Icly9/mRqvsHPAaMTl:fgMO+ooGmJF+9M5ImX0FMJ

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks