Overview

overview

10

Static

static

3

3c63861682...73.exe

windows7-x64

10

3c63861682...73.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    144s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-05-2023 16:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3c63861682c8d454b9f3956d71c4c9c6abe8e81e69c8080c027a4c1883c32073.exe

  • Size

    278KB

  • MD5

    1206e816e3ae6ffcf80d81733f85aa11

  • SHA1

    8837ccbd6028c17e8d98878b403c6e460827003c

  • SHA256

    3c63861682c8d454b9f3956d71c4c9c6abe8e81e69c8080c027a4c1883c32073

  • SHA512

    fe3d8c36ca0891c87cb889c674fb0c7a7491ad459b73f841f1f48c4def2aeb55493d940031030ba3db84b914aef2b8edc9f4eb844129a5e0966e99195c4205cf

  • SSDEEP

    3072:1Bov+2uXxJ21xYGlqydzPxtEPIc64ffwWajYYK6wnZdBhZUaerz26iiAd4y5PTvZ:rQxtoydrO360wZYYZ6P8nVATvBme9

Score
10/10
rhadamanthysstealer

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Signatures

  • Detect rhadamanthys stealer shellcode 4 IoCs
  • Rhadamanthys

    Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    stealerrhadamanthys

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c63861682c8d454b9f3956d71c4c9c6abe8e81e69c8080c027a4c1883c32073.exe
    "C:\Users\Admin\AppData\Local\Temp\3c63861682c8d454b9f3956d71c4c9c6abe8e81e69c8080c027a4c1883c32073.exe"
    1⤵
      PID:4712

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4712-134-0x00000000047B0000-0x00000000047DE000-memory.dmp

      Filesize

      184KB

      Download

    • memory/4712-135-0x0000000000400000-0x0000000002BA0000-memory.dmp

      Filesize

      39.6MB

      Download

    • memory/4712-138-0x0000000002C20000-0x0000000002C3C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/4712-139-0x0000000002C20000-0x0000000002C3C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/4712-140-0x00000000047E0000-0x00000000047FA000-memory.dmp

      Filesize

      104KB

      Download

    • memory/4712-141-0x0000000002C20000-0x0000000002C3C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/4712-142-0x0000000000400000-0x0000000002BA0000-memory.dmp

      Filesize

      39.6MB

      Download

    • memory/4712-143-0x0000000002C20000-0x0000000002C3C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/4712-144-0x00000000047E0000-0x00000000047FA000-memory.dmp

      Filesize

      104KB

      Download