General

  • Target

    64ab012c838fed9c9893f24c7cfb73954cf4124300f2e99e53ed189c1381d9e1

  • Size

    447KB

  • Sample

    230619-w51avaff32

  • MD5

    c6a860188c46120bac059dbe78b15f48

  • SHA1

    a3b6e8100d9c89619b1a26e240d12630dbfed9b3

  • SHA256

    64ab012c838fed9c9893f24c7cfb73954cf4124300f2e99e53ed189c1381d9e1

  • SHA512

    8f9ff711daf0814fc33d47077c45708340b9a2977edf7b0df70072fe6a5ff283f3bb44ec2ea6915997cb4988403682e822659e67df055949c8fc8d25c96e939c

  • SSDEEP

    12288:Bg42SxYXV8xrWGtrRQF1Xzz9F+y9nrD1duD:Bxi+trRYZz9F++rDy

Malware Config

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks