General
Target: cc.exe
Size: 501KB
Sample: 230630-n8y8yshh95
MD5: f73e68f4995b58c9a1e47d67da9372ca
SHA1: 0760b6b12d99915182bee3e3fa0e9aabd7a830c0
SHA256: ea741d942926073191df32a404977cc4afa3b17bcd34871faafbf7f61be71c26
SHA512: a419e78a385ad5e11224dad96b508e7bb01209a21fad338722e68d1d92cd78b92267af13f037126d04e49451fa62f089edb6ee77f7d2ce1cb9e26d56473b02af
SSDEEP: 6144:HoR7YSOIypGIyGYdqfCwgKo74ERmvOJUlARI7hJEftv99J:yTPMlyldqfCwTE/QmJUlAO7hJElv9L
Static task: static1
Behavioral task: behavioral1
Sample: cc.exe
Resource: win7-20230621-en
Behavioral task: behavioral2
Sample: cc.exe
Resource: win10v2004-20230621-en
Malware Config
Targets
Target: cc.exe
Score: 10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Deletes itself
Accesses Microsoft Outlook profiles
Drops file in System32 directory