Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    198b1cc97c1c2b00855f5996063046e13475fdbc8f160a9f019a9da753870a93

  • Size

    458KB

  • Sample

    230618-ezrm3sdg67

  • MD5

    dc93171b4414fca0ee07121f056d0e12

  • SHA1

    2861cc467713800a682eb96695721226b706f61c

  • SHA256

    198b1cc97c1c2b00855f5996063046e13475fdbc8f160a9f019a9da753870a93

  • SHA512

    6f3dd7edd1d04911b737c8f9b45e85692006764fc06374edeba5290b926c33bd26a649f21c78ff67ecf50bf2de0e1ff17e401d41e0572f39604448192eb1c819

  • SSDEEP

    6144:DeHccOqU04H8R6wHid8xfCLXuJtZ4l/TjjFw5RV6XxgoMnv1wVnbrOdFRm:074ABa8xfuXubul/Cjcbgv1ebrOnRm

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      198b1cc97c1c2b00855f5996063046e13475fdbc8f160a9f019a9da753870a93

    • Size

      458KB

    • MD5

      dc93171b4414fca0ee07121f056d0e12

    • SHA1

      2861cc467713800a682eb96695721226b706f61c

    • SHA256

      198b1cc97c1c2b00855f5996063046e13475fdbc8f160a9f019a9da753870a93

    • SHA512

      6f3dd7edd1d04911b737c8f9b45e85692006764fc06374edeba5290b926c33bd26a649f21c78ff67ecf50bf2de0e1ff17e401d41e0572f39604448192eb1c819

    • SSDEEP

      6144:DeHccOqU04H8R6wHid8xfCLXuJtZ4l/TjjFw5RV6XxgoMnv1wVnbrOdFRm:074ABa8xfuXubul/Cjcbgv1ebrOnRm

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks