General
Target: [GitHub]Project.zip
Size: 8.5MB
Sample: 240208-b1f17adedq
MD5: 9f14bd060975edf36fdd9ad1b3fc39a1
SHA1: f508ed4284868ae9a8994ae04282a90663fc3e28
SHA256: c2e3560835a0898585cf02279d838d3aa3a7360e5fc3b2f79cae45fe017da0be
SHA512: bea8fae17335d2a5b4dd5cc414494e04bc779af01d5f7565cc220718e1263a4cd5f5fe24d639c23da2014ef4d0c86dbde149c9e1e794e6abcc2ba3fd7bc68158
SSDEEP: 196608:03FXsRDvplj8b0jmRDF4nYY3+JOSx4dBKe+hZU7ysT8:e8RNFeuAqYY3sOhfKHZmyA8
Static task: static1
Behavioral task: behavioral1
  Sample: GitMultiLoader.exe
  Resource: win10v2004-20231215-en
Behavioral task: behavioral2
  Sample: opengl32.dll
  Resource: win10v2004-20231222-en
Malware Config
Targets
Target: GitMultiLoader.exe
Size: 42.7MB
MD5: 5ec24905f80bb16b8844d440fd4ca921
SHA1: 079f6782c79d633f3ac1288523d39fd5c6132df9
SHA256: eec6302b15fdbf92d7c6204f195246278aa2d7c54ed2eaf51f8298554ac75024
SHA512: 10e3b37422b3d540f9435712ee94955df759ed1c404e35e708f0b6863ff2f8c4b1ff0fc084df10ffd805a9a9e633bb6110dc82d0d8d8d474439cd8a5b6fbfc55
SSDEEP: 98304:YfCv+rScGQYPDofAKB1RYQpHd5nKRQGEaTmR3vNUkqh76n7EnVFG8TzIhX724Lks:Y7EsfAeHY0x7nbT9UsMaN6maSl
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Suspicious use of SetThreadContext
Target: opengl32.dll
Size: 104KB
MD5: 476b6a340b1d1de81f96c42cb94824a3
SHA1: ec0fda158e52f2c15d50ac559839262511396370
SHA256: c640ca6961bb3f90ee17ee2eab9b3ab66c76d0437408cde00bbcca58f8ccf0c7
SHA512: 1df3ff41f1eab4267acf180aea00095d429190b00bbd65cbeeafe2ebd8fe964a4963709b9dd725a8aff963dcc1174295397ebcc11b0f19c08988855ab78f5790
SSDEEP: 48:/44444444444444444444444444444444444444444444444444444444444444j:H
Score: 1/10