General

  • Target: file.exe
  • Size: 6.2MB
  • Sample: 240328-w26nfsdh59
  • MD5: 7b91d2784eaef8f79e4d60c1c1145d8b
  • SHA1: 328224b6fc4789054c16f71172c8dd4d85a3be8b
  • SHA256: 4f76cd6ec7222833969dcad5f71ab7cbddfd3714bc9adda334413c66c2826209
  • SHA512: b4ad67dc218d83bed08fe0510ee08fdc1647c197cef9b4af0f0e3a3f2a572f437976c8fc282df0edb2f9e96b3326200451d73afb8eb1e40d6a6df7c8d3c8c934
  • SSDEEP: 98304:zuwg7O8YO6xtedsiMV6oaNIwkmTFfYURRHbry7/bGaas3RW1PfR/yxkBfPy8Sh:ARdsiAkJQi/y7yzs3RWVfJyxafp

Score
10/10

Targets

    • Target: file.exe

    Score
    10/10
    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
