General

  • Target

    b271a785ffc4e33bd3ffa018b28c26e7.bin

  • Size

    378KB

  • Sample

    230718-ct9wcsgf4s

  • MD5

    53b0d976c0ca3a29f3e947a19a107c9a

  • SHA1

    768fda2cee88ca3147304df462bda77d62220586

  • SHA256

    8ea9a4de18ad9ce3e32ac2d3d61810ae136c018012142319f41b1a73261069cd

  • SHA512

    a0f5c9cba273a5242eedd06577e557650d4f8148e483c55c5465794c54d04c5b1f08372a330602ab7e8bbee90f74e37d451f85798b385890d0c0b3670b2669a9

  • SSDEEP

    6144:U1huKM+h2tChyp4EgQ3nJ39j1VRJCO/+b+uBFH3gI73tjJVPeD8Zr7XNxBPGKxem:UF2tyyp/gQ3LjlJFlu7XgetPeD8NfR/b

Score
10/10

Malware Config

Targets

    • Target

      811dec9ec1252218598615343fe2e04a62a296e3f156778c4d168b4eec8a0bf0.exe

    • Size

      515KB

    • MD5

      b271a785ffc4e33bd3ffa018b28c26e7

    • SHA1

      7757226b475981467ddac73649175d8e99778d02

    • SHA256

      811dec9ec1252218598615343fe2e04a62a296e3f156778c4d168b4eec8a0bf0

    • SHA512

      0af405c499f89ac1ae3a743c5855bbf476711cd575b4be1b24678dfc8638f6d5fd949fb98732d1c8763a708f68b213417aef30120b0a1b5661711db1fa108606

    • SSDEEP

      6144:6LET/MC/wLma7hvJ8w9cyp4vPfbdqHrRG0qMJSJH8kBDeuzvFG:6ozzpW68cyavPTQrRMISJccDeujF

    Score
    10/10

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

MITRE ATT&CK Matrix

Tasks