Overview

overview

10

Static

static

3

cb077e5958...ee.exe

windows7-x64

10

cb077e5958...ee.exe

windows10-2004-x64

10

Resubmissions

27-11-2024 10:04

241127-l4b7hsypdy 10

31-08-2023 04:03

230831-emrsbada47 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cb077e5958593c5cafb1b97f86290e20d5eced55dc578384672e495415bd0eee

  • Size

    456KB

  • Sample

    230831-emrsbada47

  • MD5

    c4354ae6f7b89c0735806b6798bfa2ce

  • SHA1

    5d6d69e31a6f7b9850e817215ba55e24f77c7afd

  • SHA256

    cb077e5958593c5cafb1b97f86290e20d5eced55dc578384672e495415bd0eee

  • SHA512

    6d88891da85464e9f19889c7766064422b285d6eefa46ff5c1d3962833074f96203b6b2bf83db9ae3fef1a50c1297d0bfc14a74cca72c7f00f1b54b6e4419daf

  • SSDEEP

    6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9++:2uWP/BZUyoLu8Agsmxwrvejkd2

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      cb077e5958593c5cafb1b97f86290e20d5eced55dc578384672e495415bd0eee

    • Size

      456KB

    • MD5

      c4354ae6f7b89c0735806b6798bfa2ce

    • SHA1

      5d6d69e31a6f7b9850e817215ba55e24f77c7afd

    • SHA256

      cb077e5958593c5cafb1b97f86290e20d5eced55dc578384672e495415bd0eee

    • SHA512

      6d88891da85464e9f19889c7766064422b285d6eefa46ff5c1d3962833074f96203b6b2bf83db9ae3fef1a50c1297d0bfc14a74cca72c7f00f1b54b6e4419daf

    • SSDEEP

      6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9++:2uWP/BZUyoLu8Agsmxwrvejkd2

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks