General

  • Target

    2024-02-13_1b9b47228fa8a6553bd0edcf6d946161_cobalt-strike_magniber

  • Size

    873KB

  • Sample

    240213-bdd83shb87

  • MD5

    1b9b47228fa8a6553bd0edcf6d946161

  • SHA1

    96831819402e78cdd7345d1727dafef4905ef166

  • SHA256

    7f8ad2f62a5da106b02442484c2056f4ba165696d9beb44505b8e67b5b630bd0

  • SHA512

    dff4c1aca4e6d78944a422b568d8517fc22b410cc1741162f62e9e4b9f8575a93bc413b365e4f9f7d778050388a0239d5e9a8222312c2e9e93df3feb7cfe7ddd

  • SSDEEP

    24576:lMz8i1ZI4cDt28SXxiXezpHH/AYcXaMvIUiUF:e1sRSXMOlAKMbp

Score
10/10

Targets

    • Target

      2024-02-13_1b9b47228fa8a6553bd0edcf6d946161_cobalt-strike_magniber

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
