General
-
Target
4dcd73199b386b86ee84ac0865e12162162042b2e6a76537dfa788b09cfadbe4
-
Size
490KB
-
Sample
230618-nacbjaeh98
-
MD5
c698be80592035d26590a0d20b6f9c89
-
SHA1
eeff43061e20ab16ca90ef5eb61da260fadb55b8
-
SHA256
4dcd73199b386b86ee84ac0865e12162162042b2e6a76537dfa788b09cfadbe4
-
SHA512
04c082a881d54afe77cedb6b433745e011d70ee8afef66ca128ac3df90bc2550d5c3389c1ab80265dc816530d90f2046536697d02d88b87165e177c63b799418
-
SSDEEP
6144:GgSI6onmGEcQiA1Gtb+oSnJjzE2CghHCyliZBrJtT7/aJ1V4Bk2AUG7dBDRXPQY:97meQ3oSmvghjwZBT7/vpE7bVXv
Static task
static1
Behavioral task
behavioral1
Sample
4dcd73199b386b86ee84ac0865e12162162042b2e6a76537dfa788b09cfadbe4.exe
Resource
win10-20230220-en
Malware Config
Targets
-
Target
4dcd73199b386b86ee84ac0865e12162162042b2e6a76537dfa788b09cfadbe4
-
Score
10/10
-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-