Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ffb0e8e9b2f291a63e38b3312463343807e18ef4420e9966424adb5238458ff

  • Size

    455KB

  • Sample

    230619-css68acb4y

  • MD5

    334edadba6e92c6e174d07bf694f7f7f

  • SHA1

    a3ec51e6412ad6665d4672c1faf41cc2b6a73977

  • SHA256

    8ffb0e8e9b2f291a63e38b3312463343807e18ef4420e9966424adb5238458ff

  • SHA512

    ea4374eb4e89d8ea2c3b100a64a2a2b9788b203d245b7e6c286b7e6a32400103508c812b38abb50b53853a1fd4c4d8bbdd994467c39b263b8dcef4116ff049b4

  • SSDEEP

    6144:lG/OBDon3Q/dcNzDBbGP6exNR2IljMZaGT2uP/9fveTHVmTRiO3siXKVA4GePe:lZBDoWdcNz70GfH9f81mAO3JXuD7

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      8ffb0e8e9b2f291a63e38b3312463343807e18ef4420e9966424adb5238458ff

    • Size

      455KB

    • MD5

      334edadba6e92c6e174d07bf694f7f7f

    • SHA1

      a3ec51e6412ad6665d4672c1faf41cc2b6a73977

    • SHA256

      8ffb0e8e9b2f291a63e38b3312463343807e18ef4420e9966424adb5238458ff

    • SHA512

      ea4374eb4e89d8ea2c3b100a64a2a2b9788b203d245b7e6c286b7e6a32400103508c812b38abb50b53853a1fd4c4d8bbdd994467c39b263b8dcef4116ff049b4

    • SSDEEP

      6144:lG/OBDon3Q/dcNzDBbGP6exNR2IljMZaGT2uP/9fveTHVmTRiO3siXKVA4GePe:lZBDoWdcNz70GfH9f81mAO3JXuD7

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks