General

Target: load.zip
Size: 22.2MB
Sample: 240325-p1ep1sga45
MD5: d9ef39f489e124059fbbb4f7cad1493a
SHA1: b5ad2c56baf885f14bab3b717fa5c45b2381bb4f
SHA256: 6d35bbfc18209793224887c5acabeb8270eb9d55f5f5b9c02c216f37e5465849
SHA512: 6ef88e8881418d38f4dcaee866c29be6559ef9678b62afbc1601f1f690f6e1be58728a3da148c315ae795d4a79024ecbd10df846801dba3d02e70dd31dcf1d3b
SSDEEP: 393216:JBshtej0A45DhOjAqyX/2/hfC+dColWemRo7Bqpg7kaoxvFZC4GyePsV7:JBshcj0bDhO9yXu/jCp+BqpgDcFUDe
Static task
static1

Behavioral task
behavioral1
Sample: Install.exe
Resource: win7-20240221-en

Behavioral task
behavioral2
Sample: Install.exe
Resource: win10v2004-20240226-en

Behavioral task
behavioral3
Sample: opengl32.dll
Resource: win10v2004-20240226-en
Malware Config

Targets

Target: Install.exe
Size: 66.5MB
MD5: 4c435701dc496d2fc74349488df7b6c7
SHA1: 6cf1f2618182eb0ced8ca95f71c542c439f8dafd
SHA256: 686bff65efbf36a85f0dae6ecc213baa1438a4373dbc251fee1f9ad7f3c327d9
SHA512: c066bc65a641922111843fafc28cf3d9ac2c05ab6a21c064251ef597c6445c5d1d956831389b6fd27359b64e7695fb21bb36a4b53b9cdc64b703b09a111d4fb1
SSDEEP: 393216:SDkFSDIOq5CM7oLUqtDFWSiA9aPNObKvcsuCGnl0dh:SDkEDIEfrtD8uGMiceu0h
Score: 10/10

Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.

Signatures
- Suspicious use of NtCreateUserProcessOtherParentProcess (a process created with a parent other than the caller, i.e. parent PID spoofing)
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext (a thread's register context rewritten from outside the target thread, as seen in process hollowing and other injection)
Target: opengl32.dll
Size: 3.9MB
MD5: e23a909c4d1f86e86dc366ae461fee04
SHA1: 295259f69918736ee71ddcf32347c75eb0154ee6
SHA256: f522654ae4091305784e4a9cb532254f8cb5ba359e49e46ce47723c3d2eefc5a
SHA512: 3c61a6fbf631157cffb141cd0fed2cd5fd04b7d6f39d06adbb9a83a406ceffcdba269620cb6daba6ff44c5e831a15eec96dd207074099e183c07f32aeca91be8
SSDEEP: 49152:maKfYeGwtQUTd5Oc1eziEvRX5aU34b6Gi+JTpN9V93Sb6kmJcIvSpF+bEhr:mA2LD8RX4ff9Dkr
Score: 1/10
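The hashes listed for load.zip, Install.exe and opengl32.dll are the report's only file indicators. The check a responder usually wants is to hash a suspect file once, with all four algorithms in a single pass, and compare it against every target in the report, treating a disagreement between algorithms (one hash matches, another does not) as a broken IOC list rather than a hit. The script below is an added example, not part of the sandbox report or its tooling; the function names and the test input are assumptions, and SSDEEP is left out because it needs the third-party ssdeep library.

```python
import hashlib
import io
import sys

# Hashes copied from the report above; they are the page's IOCs.
REPORT_HASHES = {
    "load.zip": {
        "md5": "d9ef39f489e124059fbbb4f7cad1493a",
        "sha1": "b5ad2c56baf885f14bab3b717fa5c45b2381bb4f",
        "sha256": "6d35bbfc18209793224887c5acabeb8270eb9d55f5f5b9c02c216f37e5465849",
        "sha512": "6ef88e8881418d38f4dcaee866c29be6559ef9678b62afbc1601f1f690f6e1be58728a3da148c315ae795d4a79024ecbd10df846801dba3d02e70dd31dcf1d3b",
    },
    "Install.exe": {
        "md5": "4c435701dc496d2fc74349488df7b6c7",
        "sha1": "6cf1f2618182eb0ced8ca95f71c542c439f8dafd",
        "sha256": "686bff65efbf36a85f0dae6ecc213baa1438a4373dbc251fee1f9ad7f3c327d9",
        "sha512": "c066bc65a641922111843fafc28cf3d9ac2c05ab6a21c064251ef597c6445c5d1d956831389b6fd27359b64e7695fb21bb36a4b53b9cdc64b703b09a111d4fb1",
    },
    "opengl32.dll": {
        "md5": "e23a909c4d1f86e86dc366ae461fee04",
        "sha1": "295259f69918736ee71ddcf32347c75eb0154ee6",
        "sha256": "f522654ae4091305784e4a9cb532254f8cb5ba359e49e46ce47723c3d2eefc5a",
        "sha512": "3c61a6fbf631157cffb141cd0fed2cd5fd04b7d6f39d06adbb9a83a406ceffcdba269620cb6daba6ff44c5e831a15eec96dd207074099e183c07f32aeca91be8",
    },
}

ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(stream, chunk_size=1 << 20):
    """Read a binary stream once and feed every chunk to all four hashers.

    One pass matters for the 66.5MB Install.exe: four separate reads would
    quadruple the I/O for no gain.
    """
    hashers = {algo: hashlib.new(algo) for algo in ALGOS}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def digest_file(path, chunk_size=1 << 20):
    with open(path, "rb") as f:
        return digest_stream(f, chunk_size)


def digest_bytes(data):
    """Convenience wrapper for in-memory data (used by the self-test)."""
    return digest_stream(io.BytesIO(data))


def match_iocs(digests, iocs=REPORT_HASHES):
    """Compare computed digests with each report target.

    Returns {target: verdict}, where verdict is:
      "match"   every algorithm listed for the target agrees
      "partial" some agree and some do not: a typo, a truncated copy or a
                mislabelled hash in the IOC list; never treat this as a hit
      "none"    nothing agrees (or nothing to compare)
    """
    results = {}
    for target, expected in iocs.items():
        compared = [a for a in ALGOS if a in expected]
        agreed = [a for a in compared if expected[a].lower() == digests[a]]
        if compared and len(agreed) == len(compared):
            results[target] = "match"
        elif agreed:
            results[target] = "partial"
        else:
            results[target] = "none"
    return results


if __name__ == "__main__":
    # Usage: python ioc_check.py <file> [<file> ...]
    for path in sys.argv[1:]:
        verdicts = match_iocs(digest_file(path))
        hits = {t: v for t, v in verdicts.items() if v != "none"}
        print(f"{path}: {hits or 'no match'}")
```

A "partial" verdict is worth surfacing rather than silently ignoring: in practice it almost always means a hash was copied wrongly into a blocklist, and a blocklist entry that never matches is a detection gap nobody notices.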