Resubmissions

23-10-2023 23:04

231023-22jrksgg9y 10

23-10-2023 22:34

231023-2hlf3agf2w 10

General

  • Target

    SkyValo.exe

  • Size

    638KB

  • Sample

    231023-2hlf3agf2w

  • MD5

    e73e141a15cadcc8ab8ec09d712c59b0

  • SHA1

    bace5f12f6ff22a0f1afc12b5d772d6c44cc0e61

  • SHA256

    a4704499fb314be36d560f009756f709d61c16f4627e9002d6f2ca08e048f6c1

  • SHA512

    101b15b36ba97213575f713de30deeb1c9c7c089432dfaba32d608a8aadfd14b76d7db6aeed79a72af8a6ee0b62ae6ebae0953e9927770eee8d8b0d384ad3c30

  • SSDEEP

    12288:PjOubH2seO0lXVrUy201HuEZA6PUifgDsqAhPSQIXY:PjOaWseO2XV4y2suEZ5PUygQhhPMXY

Score
10/10

Malware Config

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence.

    • Executes dropped EXE
