General
-
Target
06709da2cf631df2005cdc7d74957cebd069c88d930c04730ca1022ed8b85675
-
Size
455KB
-
Sample
230618-zt1n1shg33
-
MD5
02d4776ea83ad7146b3085670f437ddf
-
SHA1
c978eb7c9a207a32ef2011df86fe48127c76dec1
-
SHA256
06709da2cf631df2005cdc7d74957cebd069c88d930c04730ca1022ed8b85675
-
SHA512
38f05964aea14dabf7a134de0e286dde65371aec873e1d51a434a868297113dca2ce168a14a546a57dd1aeb65baa9d4e122bd5081a6f1d66c3f71c3ed416d0d2
-
SSDEEP
12288:pDzJunoRNwDrNlzzK6f7Hizg/MgrTUH1:pDN9NwDrvHNfTizmXMH
Static task
static1
Behavioral task
behavioral1
Sample
06709da2cf631df2005cdc7d74957cebd069c88d930c04730ca1022ed8b85675.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Score
10/10
-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Accesses Microsoft Outlook profiles
-