General
- Target: Github-Project.zip
- Size: 92.7MB
- Sample: 240221-ymwk2sef2s
- MD5: 6a28bc9ed17945f4bd3a3ca05973ccd3
- SHA1: dc17b1f1b6fbb4ba4db582a8f4a49740a4a21694
- SHA256: 4f8b34ed2885db0aa697fbdcd9fb8a7fb11eb30fb62f86463b7c5abbedf3dafb
- SHA512: ba885b22aa5a751ccf263abdddd9b9e176cf379856cb838f74856fcdd2e24513f7b5aa82e0f7c2ba49233d8d77439d22ffcf616fb5657bd6f4aa35c8c171f225
- SSDEEP: 1572864:gt2paSA3m5fL+kSz0nXGmvf1UGQkU/gQn4nLG0D/MkSsQRT4pUVQTrwGJHVn898z:TpaSA3mch47nb+g3LGPkSL8UVQTrv2az
- Static task: static1
- Behavioral task: behavioral1
  Sample: Github-Project.zip
  Resource: win10v2004-20240221-en
- Behavioral task: behavioral2
  Sample: Launcher Setup 9.8.0.exe
  Resource: win10v2004-20240221-en
Malware Config

Targets
- Target: Github-Project.zip
  Size: 92.7MB
  MD5, SHA1, SHA256, SHA512, SSDEEP: identical to the values listed under General
  Score: 1/10
- Target: Launcher Setup 9.8.0.exe
  Size: 81.1MB
  MD5: 56c32b3c2cef16a558cb7fd4f279475b
  SHA1: 5e94583b4c15c939fc318f31bda7564d535bf31b
  SHA256: 2cb354d25604347802e740e82c0872360c1874249fe79b4aeb6294594c86f21e
  SHA512: 65e9091cfd88ea0b8d6afe2f289495548cec1cc0f0f3b36279951e0d4272e613a77adadfadab8dd4db6f29195fd02a8ffa7d5f3570a5a29f3ec6e4f031b2825b
  SSDEEP: 1572864:XLl+n6BFgpZX+KCFKVeygDf1IYiQSRkEv6LJAWld6CSUc97WiQrOptIoT4pY:Xgn6BFgmvEe/9GkBNADCS5LQrOptGW
  Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.

Signatures:
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks computer location settings: looks up the country code configured in the registry, likely used for geofencing.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.
- Suspicious use of SetThreadContext