Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    144s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    03-05-2023 19:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7730ddf737f8a86606af30c6f23c6745299a34ca469bf4e2fec44c77f0831178.exe

  • Size

    312KB

  • MD5

    2855594ad7b56c2034ca8fa9cc4f91ee

  • SHA1

    67bd3fcc993b7b49da2e4031bc49101f3537426b

  • SHA256

    7730ddf737f8a86606af30c6f23c6745299a34ca469bf4e2fec44c77f0831178

  • SHA512

    3b12057b71ef95fdb38daec26d510cc6ea3da7d478f9a6133a7ba55e7ac7f6c14534d92002ac05317fbef4e1575934953f33adefe7b31ca5827b3ee2e3c335ff

  • SSDEEP

    6144:Wc3yUD4168ptBXFDZK0cTrFy71+TsO4AsNvJmJ:Wc3yUW6ItBLK0cFyYgblNvYJ

Score
10/10
rhadamanthysstealer

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Signatures

  • Detect rhadamanthys stealer shellcode 4 IoCs
  • Rhadamanthys

    Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    stealerrhadamanthys

Processes

  • C:\Users\Admin\AppData\Local\Temp\7730ddf737f8a86606af30c6f23c6745299a34ca469bf4e2fec44c77f0831178.exe
    "C:\Users\Admin\AppData\Local\Temp\7730ddf737f8a86606af30c6f23c6745299a34ca469bf4e2fec44c77f0831178.exe"
    1⤵
      PID:2008

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2008-122-0x0000000000850000-0x000000000087E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/2008-123-0x0000000000400000-0x00000000006CF000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/2008-124-0x0000000000850000-0x000000000087E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/2008-127-0x0000000000880000-0x000000000089C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/2008-128-0x0000000000880000-0x000000000089C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/2008-129-0x00000000007B0000-0x00000000007B2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/2008-130-0x0000000000880000-0x000000000089C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/2008-131-0x0000000000400000-0x00000000006CF000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/2008-132-0x0000000000880000-0x000000000089C000-memory.dmp

      Filesize

      112KB

      Download