Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    143s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    05-05-2023 14:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0375451e48d22627f764e55e72b0988ba0c11a79cd217a6324c67c53b665e296.exe

  • Size

    364KB

  • MD5

    8a77e864c2e27cf8dcf8e4a259bc452c

  • SHA1

    5b4941d6e6f3f4fc26b2eb5aeb7cdf3a22f2e573

  • SHA256

    0375451e48d22627f764e55e72b0988ba0c11a79cd217a6324c67c53b665e296

  • SHA512

    6da18b7f9c2e39a52a5932d124ec312926445b15b0a65ec47d5154bf501addc112eececc5885500410c25619f556b0b65fa32ae83d11168013227b8bdad692cd

  • SSDEEP

    6144:j6DHE8fG3SpPoqOqjEI3IHXTOWcHUrxNPzC2K:erPfGYwqd3IDOXUrPzC2K

Score
10/10
rhadamanthysstealer

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Signatures

  • Detect rhadamanthys stealer shellcode 4 IoCs
  • Rhadamanthys

    Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    stealerrhadamanthys

Processes

  • C:\Users\Admin\AppData\Local\Temp\0375451e48d22627f764e55e72b0988ba0c11a79cd217a6324c67c53b665e296.exe
    "C:\Users\Admin\AppData\Local\Temp\0375451e48d22627f764e55e72b0988ba0c11a79cd217a6324c67c53b665e296.exe"
    1⤵
      PID:4116

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4116-120-0x0000000000920000-0x000000000094E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/4116-121-0x0000000000400000-0x00000000006D9000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/4116-124-0x0000000000950000-0x000000000096C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/4116-125-0x0000000000950000-0x000000000096C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/4116-126-0x0000000000800000-0x0000000000802000-memory.dmp

      Filesize

      8KB

      Download

    • memory/4116-127-0x0000000000950000-0x000000000096C000-memory.dmp

      Filesize

      112KB

      Download

    • memory/4116-128-0x0000000000400000-0x00000000006D9000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/4116-129-0x0000000000950000-0x000000000096C000-memory.dmp

      Filesize

      112KB

      Download