Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Resubmissions

27-11-2024 10:05

241127-l4nkjswjdm 10

24-09-2023 04:50

230924-ff9j8aea97 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    456KB

  • Sample

    230924-ff9j8aea97

  • MD5

    1cf749dd7209e826e36d8ece08aa6a7a

  • SHA1

    59443fd4dbbe44b43c532c30333ba643a7ee69c4

  • SHA256

    4ed48b6b978ebf13a362f8ff7a2d2c1fdf17f4a4d1f513c4851201f804c04ef9

  • SHA512

    6a27d2a08e4a96828068f2330c3112974b2d8532902203557d2f9a0ced79a92fd6a0e0a1d233778d674889a4cfe27fb332f2b6a011c34fec5d3bd002f7d413d4

  • SSDEEP

    6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9+1:2uWP/BZUyoLu8Agsmxwrvejkd2

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Targets

    • Target

      file.exe

    • Size

      456KB

    • MD5

      1cf749dd7209e826e36d8ece08aa6a7a

    • SHA1

      59443fd4dbbe44b43c532c30333ba643a7ee69c4

    • SHA256

      4ed48b6b978ebf13a362f8ff7a2d2c1fdf17f4a4d1f513c4851201f804c04ef9

    • SHA512

      6a27d2a08e4a96828068f2330c3112974b2d8532902203557d2f9a0ced79a92fd6a0e0a1d233778d674889a4cfe27fb332f2b6a011c34fec5d3bd002f7d413d4

    • SSDEEP

      6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9+1:2uWP/BZUyoLu8Agsmxwrvejkd2

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks