General
-
Target
file.exe
-
Size
6.2MB
-
Sample
240328-w26nfsdh59
-
MD5
7b91d2784eaef8f79e4d60c1c1145d8b
-
SHA1
328224b6fc4789054c16f71172c8dd4d85a3be8b
-
SHA256
4f76cd6ec7222833969dcad5f71ab7cbddfd3714bc9adda334413c66c2826209
-
SHA512
b4ad67dc218d83bed08fe0510ee08fdc1647c197cef9b4af0f0e3a3f2a572f437976c8fc282df0edb2f9e96b3326200451d73afb8eb1e40d6a6df7c8d3c8c934
-
SSDEEP
98304:zuwg7O8YO6xtedsiMV6oaNIwkmTFfYURRHbry7/bGaas3RW1PfR/yxkBfPy8Sh:ARdsiAkJQi/y7yzs3RWVfJyxafp
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
file.exe
-
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-