General
Target: mysetup.exe
Size: 437KB
Sample: 240329-fcw5qaaa6s
MD5: 7960d8afbbac06f216cceeb1531093bb
SHA1: 008221bf66a0749447cffcb86f2d1ec80e23fc76
SHA256: f6e476e8ccb571b9d7a76234953ad428e883ff4712b0062498ba3275d9749b84
SHA512: 35d12e81eb892aeb2237049beca61a81469dea5b1c9b7a0b9f49fbf95a95c756509d9e76c732fb10b504f9f9692e1fbe83ea2fd09d791f793a928c01974b8147
SSDEEP: 6144:fgY0pFLSksU7U6LdDXkQrrfEwPxu7Jf1r4zZr/CS9Qn5xgabMhaQsptC/E:YY21NNLdDXk2sE6JfN4zZrlQn5PSaH
Static task: static1
Behavioral task: behavioral1
Sample: mysetup.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: mysetup.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: mysetup.exe
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Suspicious use of SetThreadContext