General

  • Target

    load.zip

  • Size

    22.2MB

  • Sample

    240325-p1ep1sga45

  • MD5

    d9ef39f489e124059fbbb4f7cad1493a

  • SHA1

    b5ad2c56baf885f14bab3b717fa5c45b2381bb4f

  • SHA256

    6d35bbfc18209793224887c5acabeb8270eb9d55f5f5b9c02c216f37e5465849

  • SHA512

    6ef88e8881418d38f4dcaee866c29be6559ef9678b62afbc1601f1f690f6e1be58728a3da148c315ae795d4a79024ecbd10df846801dba3d02e70dd31dcf1d3b

  • SSDEEP

    393216:JBshtej0A45DhOjAqyX/2/hfC+dColWemRo7Bqpg7kaoxvFZC4GyePsV7:JBshcj0bDhO9yXu/jCp+BqpgDcFUDe

Score
10/10

Malware Config

Targets

    • Target

      Install.exe

    • Size

      66.5MB

    • MD5

      4c435701dc496d2fc74349488df7b6c7

    • SHA1

      6cf1f2618182eb0ced8ca95f71c542c439f8dafd

    • SHA256

      686bff65efbf36a85f0dae6ecc213baa1438a4373dbc251fee1f9ad7f3c327d9

    • SHA512

      c066bc65a641922111843fafc28cf3d9ac2c05ab6a21c064251ef597c6445c5d1d956831389b6fd27359b64e7695fb21bb36a4b53b9cdc64b703b09a111d4fb1

    • SSDEEP

      393216:SDkFSDIOq5CM7oLUqtDFWSiA9aPNObKvcsuCGnl0dh:SDkEDIEfrtD8uGMiceu0h

    Score
    10/10
    • Rhadamanthys

Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      opengl32.dll

    • Size

      3.9MB

    • MD5

      e23a909c4d1f86e86dc366ae461fee04

    • SHA1

      295259f69918736ee71ddcf32347c75eb0154ee6

    • SHA256

      f522654ae4091305784e4a9cb532254f8cb5ba359e49e46ce47723c3d2eefc5a

    • SHA512

      3c61a6fbf631157cffb141cd0fed2cd5fd04b7d6f39d06adbb9a83a406ceffcdba269620cb6daba6ff44c5e831a15eec96dd207074099e183c07f32aeca91be8

    • SSDEEP

      49152:maKfYeGwtQUTd5Oc1eziEvRX5aU34b6Gi+JTpN9V93Sb6kmJcIvSpF+bEhr:mA2LD8RX4ff9Dkr

    Score
    1/10
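The cryptographic hashes above are the quickest way to decide whether a file on hand is this sample without detonating it. The script below is an added example (not tooling from the sandbox or the report's authors): it hashes a zip archive and every member in a single streaming pass with MD5, SHA-1, SHA-256 and SHA-512, then compares the digests against the values copied from the tables above. The archive it builds is constructed placeholder data and will not match, which is the expected outcome for anything other than the real sample; point `scan_zip` at the bytes of a real `load.zip` to get a verdict. SSDEEP comparison is left out because it needs the non-standard `ssdeep` package; exact digests are sufficient for confirming identity.

```python
"""Offline IOC check against the hashes listed in the report above.

Example code added to the page, not the sandbox's own tooling. Nothing is
executed or extracted to disk: members are hashed straight from the archive.
"""
import hashlib
import io
import zipfile

# Hashes copied from the report's target tables (lowercase hex). SHA-512 is
# omitted here for brevity; match_iocs only compares algorithms present on
# both sides, so adding it later works without other changes.
REPORT_IOCS = {
    "load.zip": {
        "md5": "d9ef39f489e124059fbbb4f7cad1493a",
        "sha1": "b5ad2c56baf885f14bab3b717fa5c45b2381bb4f",
        "sha256": "6d35bbfc18209793224887c5acabeb8270eb9d55f5f5b9c02c216f37e5465849",
    },
    "Install.exe": {
        "md5": "4c435701dc496d2fc74349488df7b6c7",
        "sha1": "6cf1f2618182eb0ced8ca95f71c542c439f8dafd",
        "sha256": "686bff65efbf36a85f0dae6ecc213baa1438a4373dbc251fee1f9ad7f3c327d9",
    },
    "opengl32.dll": {
        "md5": "e23a909c4d1f86e86dc366ae461fee04",
        "sha1": "295259f69918736ee71ddcf32347c75eb0154ee6",
        "sha256": "f522654ae4091305784e4a9cb532254f8cb5ba359e49e46ce47723c3d2eefc5a",
    },
}

ALGOS = ("md5", "sha1", "sha256", "sha512")
CHUNK = 1 << 20  # 1 MiB reads: a 66 MB member never sits fully in memory

# Constructed placeholder member contents for the demo archive (not the sample).
SAMPLE_MEMBERS = {
    "Install.exe": b"MZ placeholder, not the real dropper",
    "opengl32.dll": b"MZ placeholder, not the real DLL",
}


def multi_digest(stream):
    """Hash a file-like object with every algorithm in ALGOS in one pass."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    for chunk in iter(lambda: stream.read(CHUNK), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data):
    """Convenience wrapper: digests of an in-memory byte string."""
    return multi_digest(io.BytesIO(data))


def match_iocs(digests, iocs=REPORT_IOCS):
    """Return the report targets whose listed hashes all agree with `digests`.

    Only algorithms present on both sides are compared, so a partial IOC
    entry (e.g. SHA-256 only) still yields a match; an entry with no
    algorithm in common never matches.
    """
    hits = []
    for name, expected in iocs.items():
        common = set(expected) & set(digests)
        if common and all(expected[a].lower() == digests[a] for a in common):
            hits.append(name)
    return hits


def scan_zip(data, iocs=REPORT_IOCS):
    """Hash the archive itself and each file member without extracting.

    Returns {label: {"digests": {...}, "matches": [...]}}, where the archive
    is labelled "<archive>" and members keep their in-zip names.
    """
    results = {"<archive>": {"digests": digest_bytes(data)}}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as member:
                results[info.filename] = {"digests": multi_digest(member)}
    for entry in results.values():
        entry["matches"] = match_iocs(entry["digests"], iocs)
    return results


def build_sample_zip():
    """Constructed test archive with harmless placeholder members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in SAMPLE_MEMBERS.items():
            zf.writestr(name, content)
    return buf.getvalue()


if __name__ == "__main__":
    for label, entry in scan_zip(build_sample_zip()).items():
        verdict = "MATCH " + ", ".join(entry["matches"]) if entry["matches"] else "no match"
        print(f"{label:14} sha256={entry['digests']['sha256']}  {verdict}")
```

Members are hashed by their in-archive name, so a renamed copy of the dropper still matches on digest; the name is only a label in the output. If a real archive matches on some algorithms but not others, treat that as corruption or a bad transcription of the IOC rather than as a near-miss.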

MITRE ATT&CK Enterprise v15

Tasks