General
- Target: [GitHub]Project.rar
- Size: 5.5MB
- Sample: 240212-wgcvmsag5t
- MD5: 2d026b16e887d8ef8fd6bd93f70a1be0
- SHA1: 5e5eb7c04dbd84291f1baccaf7f25ea86b1adc57
- SHA256: 456ebef3ea4fd5820ebf1f96be5057967a020d7d1808a598dcda016a4629a00c
- SHA512: 13b43b2646b50e57d83f2b8c07238c3a98ff746e249f6339c9b208d44fa5580145778180dfa329892e2b4f612abfc2ae892bd2d4431f66532b1c90e0b87c032a
- SSDEEP: 98304:3Ddw3LdP2q7/OnsXinhRrJQS+5VURlZK0qXs6KKa2nVT9NWr:3Dd+J2O/AwGqMLZKHc6KDY9HW
Static task
- static1

Behavioral task
- behavioral1
- Sample: Project/GitMultiLoader.exe
- Resource: win11-20231215-en

Behavioral task
- behavioral2
- Sample: Project/opengl32.dll
- Resource: win11-20231222-en
Malware Config

Targets

Target: Project/GitMultiLoader.exe
- Size: 42.7MB
- MD5: 5ec24905f80bb16b8844d440fd4ca921
- SHA1: 079f6782c79d633f3ac1288523d39fd5c6132df9
- SHA256: eec6302b15fdbf92d7c6204f195246278aa2d7c54ed2eaf51f8298554ac75024
- SHA512: 10e3b37422b3d540f9435712ee94955df759ed1c404e35e708f0b6863ff2f8c4b1ff0fc084df10ffd805a9a9e633bb6110dc82d0d8d8d474439cd8a5b6fbfc55
- SSDEEP: 98304:YfCv+rScGQYPDofAKB1RYQpHd5nKRQGEaTmR3vNUkqh76n7EnVFG8TzIhX724Lks:Y7EsfAeHY0x7nbT9UsMaN6maSl
- Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
Target: Project/opengl32.dll
- Size: 104KB
- MD5: 476b6a340b1d1de81f96c42cb94824a3
- SHA1: ec0fda158e52f2c15d50ac559839262511396370
- SHA256: c640ca6961bb3f90ee17ee2eab9b3ab66c76d0437408cde00bbcca58f8ccf0c7
- SHA512: 1df3ff41f1eab4267acf180aea00095d429190b00bbd65cbeeafe2ebd8fe964a4963709b9dd725a8aff963dcc1174295397ebcc11b0f19c08988855ab78f5790
- SSDEEP: 48:/44444444444444444444444444444444444444444444444444444444444444j:H
- Score: 1/10