General
Target: 06250599.exe
Size: 508KB
Sample: 230618-m7st4seh64
MD5: 83243eae62ea7c139eb7850db2349334
SHA1: a9d0036539416423716cbc7d9cf09d44ae066b81
SHA256: 07e766f67125c99500dac7dc2a2eab8ab38db92722ec949b1f4d18f55b717aa6
SHA512: 4e68e82714de7df8a1f4e8fdd3a0576078fe314d4272f2e09b4d173b63ac7c28c8ab3fcb72268283d3663647c81293b725b3244747b3671c51c40f968f3767e4
SSDEEP: 6144:vclsfJOrA4dB1oPqw2yaG6S+fXaROmJRmpvA5N89jjBVahQk666RDTBr:vcmBO072HSbErvD9jjBsWXDr
Static task: static1
Behavioral task: behavioral1
Sample: 06250599.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 06250599.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Score: 10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Deletes itself
Accesses Microsoft Outlook profiles