General
Target: c8a5eefe493b6e3a232acb40147d35ff468e28f65b3392e691efea30dcbf64c3
Size: 3.6MB
Sample: 240325-fpfcqsgg66
MD5: 469ff745c8275ceca411beca409c81fb
SHA1: 55d6ccdf12e5645bd35b8c1f596e78abfcaaf311
SHA256: c8a5eefe493b6e3a232acb40147d35ff468e28f65b3392e691efea30dcbf64c3
SHA512: 6658e510b03efdad65e329d7ed521df7a60fc63760cff6b9b855541bbe4f4f712f6c56ce816f9cbb4103fe1c37d92b154d5f3bc269ada05d3930dc3f66b8ad7c
SSDEEP: 49152:cfU4Uj059yaxNDrELFAud9tsPz1tKJw60mH+jqBCodWe4AWaGMo7JKfuKVV:cfUbU9yaNDr4FAueJsu4+jqV+AcXJKfh
Static task: static1
Behavioral task: behavioral1
Sample: c8a5eefe493b6e3a232acb40147d35ff468e28f65b3392e691efea30dcbf64c3.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: c8a5eefe493b6e3a232acb40147d35ff468e28f65b3392e691efea30dcbf64c3.exe
Resource: win10-20240221-en
Malware Config
Targets
Target
c8a5eefe493b6e3a232acb40147d35ff468e28f65b3392e691efea30dcbf64c3
Score: 10/10
Detects DLL dropped by Raspberry Robin.
Raspberry Robin.
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext