Overview

overview

10

Static

static

3

1122887f30...JC.exe

windows7-x64

10

1122887f30...JC.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    15/08/2023, 15:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1122887f30d015128797428ab7c878ab97030d1d0f9365a2ca144a4c5fa1f2f0_JC.exe

  • Size

    489KB

  • MD5

    5419392ee85260f99e1e256153bb5cd4

  • SHA1

    205748641149befee4ef32263908032689b644dc

  • SHA256

    1122887f30d015128797428ab7c878ab97030d1d0f9365a2ca144a4c5fa1f2f0

  • SHA512

    44771425865059d82c4541526c8f0e8ae8d5434e22ed683627799dffbedfb3d3249ebeaf8a17f24ef27bd38ea6912f7c120cf3644ff9bc646c01ce0d1cc1c6ce

  • SSDEEP

    6144:DEbKLUUomPkM7bTDQ2pipifPSGELHWufkHwJ4PA5vYgSFpgPRRV:DVgUomPkMJi8f4jvhaI9dGpg

Score
10/10
rhadamanthysstealer

Malware Config

Signatures

  • Detect rhadamanthys stealer shellcode 4 IoCs
  • Rhadamanthys

    Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    stealerrhadamanthys
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1122887f30d015128797428ab7c878ab97030d1d0f9365a2ca144a4c5fa1f2f0_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\1122887f30d015128797428ab7c878ab97030d1d0f9365a2ca144a4c5fa1f2f0_JC.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1988-54-0x0000000000220000-0x0000000000269000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1988-55-0x0000000000310000-0x0000000000383000-memory.dmp

    Filesize

    460KB

    Download

  • memory/1988-56-0x0000000000400000-0x00000000018F8000-memory.dmp

    Filesize

    21.0MB

    Download

  • memory/1988-57-0x0000000000400000-0x00000000018F8000-memory.dmp

    Filesize

    21.0MB

    Download

  • memory/1988-58-0x0000000000220000-0x0000000000269000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1988-59-0x0000000000310000-0x0000000000383000-memory.dmp

    Filesize

    460KB

    Download

  • memory/1988-64-0x0000000000280000-0x0000000000287000-memory.dmp

    Filesize

    28KB

    Download

  • memory/1988-65-0x0000000003540000-0x0000000003940000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1988-67-0x0000000003540000-0x0000000003940000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1988-66-0x0000000003540000-0x0000000003940000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1988-69-0x0000000003540000-0x0000000003940000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1988-68-0x0000000000400000-0x00000000018F8000-memory.dmp

    Filesize

    21.0MB

    Download