Overview

overview

10

Static

static

3

aef5c6fec5...19.exe

windows7-x64

10

aef5c6fec5...19.exe

windows10-2004-x64

10

Resubmissions

27-11-2024 10:02

241127-l2378ayngy 10

16-07-2023 01:10

230716-bjkcaacb72 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aef5c6fec5ea5f20f0e71f34d3777919.exe

  • Size

    448KB

  • Sample

    230716-bjkcaacb72

  • MD5

    aef5c6fec5ea5f20f0e71f34d3777919

  • SHA1

    013c70c60334495904fa1e83a129dd3c369e6acf

  • SHA256

    01c7c28d8fcbded6bb906af11b34e65e19a71bc433fa3c8b5e615130f78028d5

  • SHA512

    bd48e8ec604e074b759b1c08c9d1e6adb90da902b4f23b9f37210ec32183c22a53d0a571d3c46bf43c32f47debc47313c0c98136ac6bc55bf1004b41c19f2774

  • SSDEEP

    6144:L/E8DIpjK28t4snQTlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zi:dEpj7snAv/cgu4VGn6OaM+ucj

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      aef5c6fec5ea5f20f0e71f34d3777919.exe

    • Size

      448KB

    • MD5

      aef5c6fec5ea5f20f0e71f34d3777919

    • SHA1

      013c70c60334495904fa1e83a129dd3c369e6acf

    • SHA256

      01c7c28d8fcbded6bb906af11b34e65e19a71bc433fa3c8b5e615130f78028d5

    • SHA512

      bd48e8ec604e074b759b1c08c9d1e6adb90da902b4f23b9f37210ec32183c22a53d0a571d3c46bf43c32f47debc47313c0c98136ac6bc55bf1004b41c19f2774

    • SSDEEP

      6144:L/E8DIpjK28t4snQTlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zi:dEpj7snAv/cgu4VGn6OaM+ucj

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks