General

  • Target

    b99290063c63c1449c6d61c62f95528d.bin

  • Size

    548KB

  • Sample

    230524-b1nq2aac65

  • MD5

    356dbe3d960e81fc2c81f244692f03cb

  • SHA1

    353c003dd494894a65c8a3548efcdd05e6aac57b

  • SHA256

    9909fc2e4c9d14a05605b57cabe8ab4ba9841141b249cd8d3ac8ff6950870f4e

  • SHA512

    251d483de718e5cea181a7cb87032e97d3f0e97bbe69a0cba3838cba51622f502d21d2d8db39cb1c36369efea25f5a5457120772b1ec64812bfbba8ea8528105

  • SSDEEP

    12288:kDjEMrac9/4glDeArdNRvPujC9UMtP7Zj58hd2fNYH2YQ4TUlynujX5Ljl:aEYacprdjvr9UQ9mdf2hQur5Ljl

Score
10/10

Malware Config

Targets

    • Target

      162833c025dda5b2154fc193bc71bc3e375794e13f6392f387839599df9d90e0.exe

    • Size

      1.2MB

    • MD5

      b99290063c63c1449c6d61c62f95528d

    • SHA1

      dc80d751832030dbe05bb34e691a6237e2a224b5

    • SHA256

      162833c025dda5b2154fc193bc71bc3e375794e13f6392f387839599df9d90e0

    • SHA512

      4f6b717d1c18042243f7f62009e2638fa51e2a7139285a8469e3ba2458dc658ef6ccc8401b7c1ade0742c4dd6dd7ab98c487165f0142558191e9a7192c57c19c

    • SSDEEP

      12288:UPqvdlwvVVmpmiUkWnbaczXSisUFhiqNnuJCbM/C3irgP92vjy9jhBvcS5K+xlBW:Uy5iV7bTEyhBVdhPTyITdOqa

    Score
    10/10

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks