General
Target
Spongebob Ip Address Meme.mp4
Size
366KB
Sample
240209-pxvl3ach52
MD5
5f6431493c3e1bb4d28badbfe33e2717
SHA1
3e2a608093ef416e6992e07182547783739cda93
SHA256
bb38d2c222f3b89421c324121bb1ea12fc3feb725bd27d4f8dce9bc757d87ddf
SHA512
8014811e6a935ecb81354c78c31b29339757e2f144b8b063da9610188416dabd98cc4d40790775fef3a5966edc73925f270454b1f4e606a216d7745b5121a9a9
SSDEEP
6144:CTz3HUP+7LlfVWxXuaQvQGBGdqAEvvN+Om3D73lI1sdI1CATXq1U2OEcjcP4Ijp:CTDUW7LlNWxehxBvl+O8D77vQq1U9jcJ
Static task
static1
Behavioral task
behavioral1
Sample
Spongebob Ip Address Meme.mp4
Resource
win10-20231215-en
Malware Config
Targets
Score 10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Executes dropped EXE
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Legitimate hosting services abused for malware hosting/C2