Overview

overview

10

Static

static

3

6a14114aa3...eb.exe

windows7-x64

10

6a14114aa3...eb.exe

windows10-2004-x64

10

Resubmissions

07-09-2023 05:09

230907-ftmydaef97 10

07-09-2023 04:47

230907-feqeysef2v 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6a14114aa3bebe58ae76c66e7688f77a0e0e031cf048004f6bb670aab6344eeb

  • Size

    833KB

  • Sample

    230907-ftmydaef97

  • MD5

    17688f03f125bb494dc7f304b8936221

  • SHA1

    7fadc66ba11a5b3c4582f4d9b5b245801ccf918a

  • SHA256

    6a14114aa3bebe58ae76c66e7688f77a0e0e031cf048004f6bb670aab6344eeb

  • SHA512

    1636d32e5a59c5c3577d0dc5ecf7dbccc22cc0ce2087889974903257d500e694d2cee4218c17ddba747c4b59ea4f811889837883b40cd009c1463cdc21f65a06

  • SSDEEP

    12288:Ib/bL1cEYZpFQOT4KpMT+msoH985+3wAFn6DQnbu7L3SpiQXYIOnUfvDrD8FEsim:WzLmQsI85mn6DQDYpmv8FEyuOGLU

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      6a14114aa3bebe58ae76c66e7688f77a0e0e031cf048004f6bb670aab6344eeb

    • Size

      833KB

    • MD5

      17688f03f125bb494dc7f304b8936221

    • SHA1

      7fadc66ba11a5b3c4582f4d9b5b245801ccf918a

    • SHA256

      6a14114aa3bebe58ae76c66e7688f77a0e0e031cf048004f6bb670aab6344eeb

    • SHA512

      1636d32e5a59c5c3577d0dc5ecf7dbccc22cc0ce2087889974903257d500e694d2cee4218c17ddba747c4b59ea4f811889837883b40cd009c1463cdc21f65a06

    • SSDEEP

      12288:Ib/bL1cEYZpFQOT4KpMT+msoH985+3wAFn6DQnbu7L3SpiQXYIOnUfvDrD8FEsim:WzLmQsI85mn6DQDYpmv8FEyuOGLU

    Score
    10/10
    rhadamanthysstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks