Overview

overview

10

Static

static

3

6c16b947ef...cf.exe

windows7-x64

10

6c16b947ef...cf.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    151s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    01-05-2023 16:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c16b947ef3362e5166935e6a043b236a9aec2ecc27029ccc837df955f5071cf.exe

  • Size

    418KB

  • MD5

    42a7b2cb5f4db8ca3ea5706c64a8c5d9

  • SHA1

    ca9f0a03e3c50774ffda74eb03969b302e2702c0

  • SHA256

    6c16b947ef3362e5166935e6a043b236a9aec2ecc27029ccc837df955f5071cf

  • SHA512

    e15140b1a585a45ff41c207443b00da04fe00c29c7eb3bb4baae2459e2ea5b053961766cce10dd123fb8594a150992469f31faf756e1c4a5584f3ee36ee1df4a

  • SSDEEP

    6144:y17xsLcC9iQaC1xzn2Dbwsscn66Ke3qpPARV9fq:y172LcC9tD2Dn66KIOoRX

Score
10/10
rhadamanthysstealer

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Signatures

  • Detect rhadamanthys stealer shellcode 4 IoCs
  • Rhadamanthys

    Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    stealerrhadamanthys

Processes

  • C:\Users\Admin\AppData\Local\Temp\6c16b947ef3362e5166935e6a043b236a9aec2ecc27029ccc837df955f5071cf.exe
    "C:\Users\Admin\AppData\Local\Temp\6c16b947ef3362e5166935e6a043b236a9aec2ecc27029ccc837df955f5071cf.exe"
    1⤵
      PID:1916

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1916-55-0x0000000000220000-0x000000000024E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/1916-56-0x0000000000400000-0x000000000080E000-memory.dmp

      Filesize

      4.1MB

      Download

    • memory/1916-59-0x0000000000250000-0x000000000026C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/1916-60-0x0000000000250000-0x000000000026C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/1916-61-0x0000000000290000-0x0000000000291000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1916-62-0x0000000000250000-0x000000000026C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/1916-63-0x0000000000400000-0x000000000080E000-memory.dmp

      Filesize

      4.1MB

      Download

    • memory/1916-65-0x0000000000250000-0x000000000026C000-memory.dmp

      Filesize

      112KB

      Download