Overview

overview

10

Static

static

3

ee1a736658...01.exe

windows7-x64

10

ee1a736658...01.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ee1a7366583000add321abdd79949f01.exe

  • Size

    438KB

  • Sample

    230620-hmhq7abg4s

  • MD5

    ee1a7366583000add321abdd79949f01

  • SHA1

    db9201bf7bb4345670b1aaf0b89937099f8bb1e6

  • SHA256

    bc1e4e6dd1eec20e8b6685d7e844a0ad045c0700210ef40f451e51dd9fa00910

  • SHA512

    ab580e02bb8c0d70ac5edfa8f59848df029f724fbb00b6c92075a9e0497fb1559ece07cd95e5a59b85f05060c76290247dd4265ad41dd045b3af8a13cd5e8372

  • SSDEEP

    12288:avBo236cRReRKARDf6U0m7e5J1NezYneTIR7q6wNvJ:aJ3XReRZfH0m7e5J7STIRO

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      ee1a7366583000add321abdd79949f01.exe

    • Size

      438KB

    • MD5

      ee1a7366583000add321abdd79949f01

    • SHA1

      db9201bf7bb4345670b1aaf0b89937099f8bb1e6

    • SHA256

      bc1e4e6dd1eec20e8b6685d7e844a0ad045c0700210ef40f451e51dd9fa00910

    • SHA512

      ab580e02bb8c0d70ac5edfa8f59848df029f724fbb00b6c92075a9e0497fb1559ece07cd95e5a59b85f05060c76290247dd4265ad41dd045b3af8a13cd5e8372

    • SSDEEP

      12288:avBo236cRReRKARDf6U0m7e5J1NezYneTIR7q6wNvJ:aJ3XReRZfH0m7e5J7STIRO

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks