Analysis

  • max time kernel
    145s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24-05-2023 08:06

General

  • Target

    79616.bin.exe

  • Size

    204KB

  • MD5

    5f2595b160ad3ef494ab014fbe8c4698

  • SHA1

    d9974cad3454757d23750c59d0cf7edf0471b8ab

  • SHA256

    e80ae3a3ea9be0021eb3872a450159dd6c5314d6a418c1ebcb331bace1bac7ad

  • SHA512

    5f2ba54ea56313697137e5c168da9ffb2d5c310100091135cecde6cbb317d3e6fa83ae8d1c83bc90382648221e49a3c16386a75d2e3f688683c9a209f9a43e7b

  • SSDEEP

    6144:UC1N40Fnr0602TzhldWqIk6jKSxPMkPOR0:UC1VFng60OCHNMNK

Score
10/10

Malware Config

Signatures

  • Detect rhadamanthys stealer shellcode (2 IoCs)
  • Rhadamanthys

    Rhadamanthys is an info stealer written in C++ first seen in August 2022.

Processes

  • C:\Users\Admin\AppData\Local\Temp\79616.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\79616.bin.exe"
    1⤵
      PID:4284

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/4284-134-0x0000000002180000-0x000000000219D000-memory.dmp
      Filesize

      116KB

    • memory/4284-135-0x00000000021A0000-0x00000000021BA000-memory.dmp
      Filesize

      104KB

    • memory/4284-136-0x0000000002180000-0x000000000219D000-memory.dmp
      Filesize

      116KB

    • memory/4284-137-0x00000000021A0000-0x00000000021BA000-memory.dmp
      Filesize

      104KB