Overview

overview

10

Static

static

3

01E60000.exe

windows7-x64

10

01E60000.exe

windows10-2004-x64

10

Resubmissions

27-11-2024 10:00

241127-l1r4kavqhr 10

23-06-2023 09:59

230623-lz59ssfc6z 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01E60000.exe

  • Size

    448KB

  • Sample

    230623-lz59ssfc6z

  • MD5

    d0c1a1ed8609b87ba25b771e8144b90c

  • SHA1

    0da8c2b9e109d97a574f0614550dc2311c331f85

  • SHA256

    a13376875d3b492eb818c5629afd3f97883be2a5154fa861e7879d5f770e21d4

  • SHA512

    b4ecd2234eb37ba01da6eae4a4da6c3d09d4675b84ef7f955664b38451ba7600041308efcf110561bb40461a907188bd044ff924fbdc01cb999eea309acaafd2

  • SSDEEP

    6144:L/E8DIpjK28t4snQBlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zi:dEpj7snGv/cgu4VGn6OaM+ucj

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      01E60000.exe

    • Size

      448KB

    • MD5

      d0c1a1ed8609b87ba25b771e8144b90c

    • SHA1

      0da8c2b9e109d97a574f0614550dc2311c331f85

    • SHA256

      a13376875d3b492eb818c5629afd3f97883be2a5154fa861e7879d5f770e21d4

    • SHA512

      b4ecd2234eb37ba01da6eae4a4da6c3d09d4675b84ef7f955664b38451ba7600041308efcf110561bb40461a907188bd044ff924fbdc01cb999eea309acaafd2

    • SSDEEP

      6144:L/E8DIpjK28t4snQBlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zi:dEpj7snGv/cgu4VGn6OaM+ucj

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks