Analysis
-
max time kernel
145s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system -
submitted
24-05-2023 08:06
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
79616.bin.exe
Resource
win7-20230220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
79616.bin.exe
Resource
win10v2004-20230220-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
79616.bin.exe
-
Size
204KB
-
MD5
5f2595b160ad3ef494ab014fbe8c4698
-
SHA1
d9974cad3454757d23750c59d0cf7edf0471b8ab
-
SHA256
e80ae3a3ea9be0021eb3872a450159dd6c5314d6a418c1ebcb331bace1bac7ad
-
SHA512
5f2ba54ea56313697137e5c168da9ffb2d5c310100091135cecde6cbb317d3e6fa83ae8d1c83bc90382648221e49a3c16386a75d2e3f688683c9a209f9a43e7b
-
SSDEEP
6144:UC1N40Fnr0602TzhldWqIk6jKSxPMkPOR0:UC1VFng60OCHNMNK
Score
10/10
Malware Config
Signatures
-
Detect rhadamanthys stealer shellcode 2 IoCs
Processes:
resource yara_rule behavioral2/memory/4284-134-0x0000000002180000-0x000000000219D000-memory.dmp family_rhadamanthys behavioral2/memory/4284-136-0x0000000002180000-0x000000000219D000-memory.dmp family_rhadamanthys -
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.