General
Target: 2024-02-13_1b9b47228fa8a6553bd0edcf6d946161_cobalt-strike_magniber
Size: 873KB
Sample: 240213-bdd83shb87
MD5: 1b9b47228fa8a6553bd0edcf6d946161
SHA1: 96831819402e78cdd7345d1727dafef4905ef166
SHA256: 7f8ad2f62a5da106b02442484c2056f4ba165696d9beb44505b8e67b5b630bd0
SHA512: dff4c1aca4e6d78944a422b568d8517fc22b410cc1741162f62e9e4b9f8575a93bc413b365e4f9f7d778050388a0239d5e9a8222312c2e9e93df3feb7cfe7ddd
SSDEEP: 24576:lMz8i1ZI4cDt28SXxiXezpHH/AYcXaMvIUiUF:e1sRSXMOlAKMbp
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-13_1b9b47228fa8a6553bd0edcf6d946161_cobalt-strike_magniber.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-13_1b9b47228fa8a6553bd0edcf6d946161_cobalt-strike_magniber.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 2024-02-13_1b9b47228fa8a6553bd0edcf6d946161_cobalt-strike_magniber
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext