Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1aaffbf746724a0d39153e6c8699cf579ed11ed2e8c5bd9eef9771de446b203c

  • Size

    454KB

  • Sample

    230619-btf3lsag27

  • MD5

    38dac2f57615533a018f8dc56232ef73

  • SHA1

    013c7f786582e87759ae489655335ab2c497a881

  • SHA256

    1aaffbf746724a0d39153e6c8699cf579ed11ed2e8c5bd9eef9771de446b203c

  • SHA512

    b968789a34a7c4e9335a1b7e306b3cc2a4868c4f2eb7b4ec504574859bab1377b37881ef32121ca87c816fd89c64a001a5b67c310af899ecf1f5960f41052a0d

  • SSDEEP

    12288:d5pSocPma4AGtPT4HDTMZpdQMHM87Gn7FKf:dfMmaNiYEJHMQGhKf

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      1aaffbf746724a0d39153e6c8699cf579ed11ed2e8c5bd9eef9771de446b203c

    • Size

      454KB

    • MD5

      38dac2f57615533a018f8dc56232ef73

    • SHA1

      013c7f786582e87759ae489655335ab2c497a881

    • SHA256

      1aaffbf746724a0d39153e6c8699cf579ed11ed2e8c5bd9eef9771de446b203c

    • SHA512

      b968789a34a7c4e9335a1b7e306b3cc2a4868c4f2eb7b4ec504574859bab1377b37881ef32121ca87c816fd89c64a001a5b67c310af899ecf1f5960f41052a0d

    • SSDEEP

      12288:d5pSocPma4AGtPT4HDTMZpdQMHM87Gn7FKf:dfMmaNiYEJHMQGhKf

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks