Overview

overview

10

Static

static

1

setup.exe

windows7-x64

10

setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    setup.exe

  • Size

    397KB

  • Sample

    230402-bedc6sdg67

  • MD5

    532793f823b8be1c25057beb31637a3a

  • SHA1

    f53ff0f7c34c09b80eb57ce92304344f5a227b78

  • SHA256

    c3584cdcbcf8a2bdf6a1dece0ab69208e4dceedd7b8be43072f1c65a68e13417

  • SHA512

    22e3431ceb6355c4a527f4572a8984c09521db67373b60a85bcbbb70b42f21b7f83479f9b76e3d1cf784bf5274bdcc741c347cc1ec49a569a53280867deabcf7

  • SSDEEP

    6144:wcC2pso8Gjn5djAOHK+GtkbnSbnD96Xi6ik:wJ2pso8GVJAOHXzaD9ui6ik

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      setup.exe

    • Size

      397KB

    • MD5

      532793f823b8be1c25057beb31637a3a

    • SHA1

      f53ff0f7c34c09b80eb57ce92304344f5a227b78

    • SHA256

      c3584cdcbcf8a2bdf6a1dece0ab69208e4dceedd7b8be43072f1c65a68e13417

    • SHA512

      22e3431ceb6355c4a527f4572a8984c09521db67373b60a85bcbbb70b42f21b7f83479f9b76e3d1cf784bf5274bdcc741c347cc1ec49a569a53280867deabcf7

    • SSDEEP

      6144:wcC2pso8Gjn5djAOHK+GtkbnSbnD96Xi6ik:wJ2pso8GVJAOHXzaD9ui6ik

    Score
    10/10
    rhadamanthysstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks