General
Target: 88997e11b364563e7e052accf569d000.bin
Size: 82.6MB
Sample: 240326-dh733acd29
MD5: 88997e11b364563e7e052accf569d000
SHA1: e00b7a277a54ddb32731812a3d52c6aad08245d9
SHA256: 0c000bb4bf5f64251d64ec8017fd8d780bb9774e96c0e952d40c6b3c44a982d2
SHA512: 608fe5ec620b345f62cb0620abca595d77361868ae20b5bcdda6abf376a739eb96275b3b1337b499a424adab4fe4ce9ebc4fd5d114352fcf914dbbb91277b93a
SSDEEP: 1572864:yjaSOTtyHfX7EsuEu5T2VKSatJGxXsM9on74/iMHWOQtIZKndAEuzSJZ0xHVQxC+:yhOTtcEsuEu5T2nafwr9o7PMHWOQIglR
Static task: static1
Behavioral task: behavioral1
  Sample: 88997e11b364563e7e052accf569d000.appx
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 88997e11b364563e7e052accf569d000.appx
  Resource: win10v2004-20240226-en
Malware Config
Extracted: https://iigggkkl.monster/newdrop.bs64
Targets
Target: 88997e11b364563e7e052accf569d000.bin (82.6MB; same MD5/SHA1/SHA256/SHA512/SSDEEP as listed under General)
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Blocklisted process makes network request
- Executes dropped EXE
- Suspicious use of SetThreadContext